GDPR: Compliance and opportunities

Contact Relationship Management - Data - Legislation

Marc Thevenin By Marc Thevenin


During this webinar, we will help you to get to the heart of the new regulation. The aim of this webinar is to get to grips with GDPR, to list the steps to take and to identify which aspects of a contact management solution can help you stay compliant.

What is GDPR?

General Data Protection Regulation is a new European regulation covering personal data protection that will be observed by the UK and will come into effect on Friday 25th 2018. Aiming to better protect EU residents’ personal data, this regulation implicates:

  • Individuals, companies, public authorities, services and organisations
  • Regardless of size, location or activity
  • If they are involved in processing of personal or sensitive data of EU residents
  • Transparency: You must be transparent about what you are going to do with collected data
  • Limitation: Data collected can only be used for the methods for which it was collected
  • Minimalism: Only collect information that is necessary
  • Accuracy: Requests for rectification must be dealt with as soon as possible
  • Security: Guarantee appropriate data security
  • Legality: You must have a valid lawful basis in order to process data
  • Accountability: You must be able to demonstrate that you respect the rules
  • Privacy by design: Take into account data protection from conception in all processing activities
  • Privacy by default: Guarantee the highest level of data protection by default

It is also important to think about the length of time data is held in systems. This may vary depending on type of data and reasons for processing. Find out more with Arthur’s guidance in the video extract below.

GDPR : What are the risks and penalties?

We are to expect more control and less leeway. If regulation is not followed, the controlling authority (The ICO in the UK) can take progressive measures that could lead to progressive penalties:

  • Warning
  • Reminder
  • Formal notice
  • Administrative fines of up to €20 million or up to 4% of a company’s global sales revenue.

Learn more about potential situations that could expose you to penalties in the extract below.

Personal data protection in 2018

Over the course of this webinar, Arthur D’Achon responds to frequently asked questions about GDPR and personal data protection. These include:

  • How is personal data defined?
  • What do we mean by “Processing of personal data”?

In this section, Arthur covers the role of the Data Protection Officer, transfer of data outside of the EU and the associated security obligations.

Individual rights: What are the rules to follow?

Individual rights regarding GDPR represents various requirements, such as:

  • Collection of personal data can take place once those concerned have been informed of your identity, the purpose of the collection and their rights
  • Collection of their consent, in an active, voluntary manner
  • Inform individuals of their rights to access & rectification their personal data, data portability and deletion

GDPR and contact management: How to lighten the load

It is possible to make life easier for you and your teams to manage data protection and individual rights with a contact management solution that’s GDPR ready. These will be able to manage automations, workflow and interfaces with other software, identifying different methods of communication with your targets, which solutions process this information, estimated volume of contacts and interactions, etc.Conversely, without the following at your disposal:

  • A detailed list of contacts
  • Centralised database
  • Sufficient architecture and interfaces with other software used
  • Deduplication tools
  • Sufficient data security measures (access, confidentiality, backup, etc)
  • Monitoring and audit tools
  • Features that cover consent, requests for access, rectification, data portability and deletion
  • Data storage management

It will become incredibly difficult to maintain traceability of all actions and interactions, thus exposing you to lack of compliance and a risk of penalties.

GDPR: You will be the first to benefit

This new regulation puts the spotlight back on pertinence, quality and good management of your contact lists. By remaining compliant, your organisation will be the first to reap the benefits:

Teams will find themselves getting better results on their actions; A cleaner database will give less churn, fewer bounce backs on email campaigns, improved ROI on marketing, more accurate reports and a better image of your organisation as a whole.

See more benefits of GDPR compliance in the video extract below:

Please note that we always recommend that this information is never used alone, but as part of a wider research into GDPR. We heartily encourage you to continue your study of the regulation by contacting the ICO, your legal teams or a legal specialist.