GDPR B2B Marketing: the EU data protection policy update came into enforcement on 25th May 2018. Intended to strengthen the consumer’s privacy, this regulation applies to all corporations doing business with Europe.

If you are one among them, download this free guide to know more: https://www.bluemailmedia.com/gdpr-in-a-nutshell-everything-b2b-marketer-should-know.php
GDPR In A Nutshell: Everything B2B Marketer Should Know

Legal Disclosure

The information you are about to read is an interpretation by our experts to help you understand the GDPR regulation. It is compiled to the best of our knowledge and focuses on the essentials that define the limits on a marketer soliciting clients through digital channels. Use of this resource is not a substitute for legal advice, as we do not represent any bodies of the law. If you have concerns about the specifics or are seeking legal advice, we recommend that you contact a specialist in this area. Please refer to the official page for complete details regarding GDPR requirements.
Table of Index

I. Introduction
   1. What is GDPR?
   2. What is Personal Data?
II. Principles of GDPR
III. Opportunities for B2B Marketers
IV. Steps to Follow
V. Consent
   1. What is a Consent?
   2. Key Aspects of Consent?
   3. Duration of Consent
IX. Fundamental Rights of Individuals
   1. Right to Be Informed
   2. Right of Access
   3. Right to Rectification
   4. Right to Erasure
   5. Right to Restrict Processing
   6. Right to Data Portability
   7. Right to Object
   8. Right Related to Automated Decision Making and Profiling
X. Penalties
XI. Glossary
I. Introduction

The European General Data Protection Regulation is an update of the Data Protection Directive 95/46/EC. This new policy came into force on 25th May 2018. It is intended to harmonize data privacy laws across Europe and hence protects the personal data of all EU citizens. The law encourages businesses to be transparent in their data processing activities. This free guide covers the essential details of GDPR and its impact on B2B business.

1. What is GDPR?

The EU General Data Protection Regulation (GDPR) is a newly embraced law which enforces the protection of the personal data of all European citizens by businesses that operate within and outside of Europe. In the UK, the GDPR will replace the Data Protection Act.

Note: This law is not applicable to legal entities or to a deceased person.

2. What is Personal Data?

As mentioned above, GDPR applies only to ‘personal data.’ Here, personal data stands for any information related to a person which directly or indirectly identifies him. It includes different identifiers such as a name, surname, residential address, email address, identification card number, Internet Protocol (IP) address, advertising identifier, cookie ID, and a few more which help in uniquely identifying a person.

1-888-494-0588 sales@bluemailmedia.com www.bluemailmedia.com
II. Principles of GDPR

The GDPR consists of six principles in Article 5. These principles relate to the processing of an individual’s data.

Lawfulness, Fairness, and Transparency
All of an individual’s data must be processed lawfully, reasonably and in a transparent manner.

Purpose Limitation
The organization must collect personal data for specified, explicit and legitimate purposes. One should not process it beyond the limit.

Data Minimization
The received data must be adequate, relevant and limited to the objects for which it was taken.

Accuracy
The data must always be accurate and reliable. Therefore, the organization must always keep it up to date.

Storage Limitation
The gathered data must be kept in a form which permits identification of an individual for no longer than is necessary.

Integrity and Confidentiality
One must treat personal information in a manner that guarantees its security and its integrity.
III. Opportunities for B2B Marketers

GDPR is always suitable for global brands that give more importance to personalized and real-time engagement with customers. So, B2B marketers should happily embrace this law, which creates more opportunities for them worldwide.

1. Customized Marketing

According to GDPR, the consent of the user is a must before collecting data. Companies following this policy will have a leaner database of only engaging users. Besides, this rule saves a lot of the effort and time spent on uninterested users. It therefore gives way to personalized marketing, which results in a higher engagement rate.

2. Attract Qualified Leads

Since users must opt in to receive any communication from your business, you will have only the most engaging users on your list. Hence you can reap the full benefit of marketing strategies by communicating with qualified or potential prospects.

3. Be a Leader

Your organization must face all the challenges posed by the GDPR to stay ahead of the competition. You also need to invest in a culture that supports an individual’s privacy. The more secure your data is, the more your business will grow, which in turn increases the customer’s trust.
IV. Steps to Follow

The organization must follow some measures to comply with the GDPR policy. It may seem difficult and challenging in the beginning, but the outcome will be worth your effort. This section includes the different steps to make your data GDPR compliant.

1. Perform Audit

Every business must examine its data sources to become GDPR compliant. It should understand the different processes involved, such as data collection, usage, storage place, access information, and the security provided to the data.

2. Review Privacy Policies

You must review your privacy policy in detail. You should understand your present method of collecting and using data. You can then examine whether the new EU regulation supports this approach.

3. Raise Awareness

Senior management has to raise awareness of the GDPR policy within the organization. Since employees work with users’ data, they must know about all the new changes in the regulation. Because violating the law results in severe penalties, they must be careful when handling such data in business tasks.

4. Contact Your Suppliers

Your organization must make some necessary changes to systems such as data storage and security to stay compliant with the GDPR. To implement those changes, you have to speak to your suppliers and learn what steps they follow to support GDPR.

5. Appoint Data Protection Officer (DPO)

In some cases, you may need the help of third-party sources or experts in the data security field to safeguard the information. Based on your circumstances, you can take such advice or seek guidance from them or from a DPO to handle the data securely.

6. Use Legitimate Guidance

Seek legal help on how to implement GDPR in your business. For example, the Article 29 Working Party or the ICO will guide you in this part. Study their updates to learn more about it.
V. Consent

Article 4: ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;

Recital 32: Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as by a written statement, including by electronic means, or an oral statement.

1. What is Consent?

In simple terms, we can define consent as gaining permission from an individual to use his personal information in a business task. The newly updated GDPR policy sets a new standard for it. There are various things one needs to handle while receiving the user’s approval. This section deals with the different requirements of consent and how it affects B2B marketers.

Digital freedom stops where that of users begins... Nowadays, digital evolution must no longer be a customer trade-off between privacy and security. Privacy is not to sell, it’s a valuable asset to protect.
- Stephane Nappo
2. Key Aspects of Consent

Let us look at the three different requirements of consent in detail.

A. Freely Given

According to this requirement, individuals must have a genuine choice and control over their approval. Consent will not hold valid if the data controllers withhold their service, or offer a degraded version of it, for subjects who refuse or withdraw consent.

Recital 42: Consent should not be regarded as freely given if the data subject has no genuine or free choice or is unable to refuse or withdraw consent without detriment.

Article 7: When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

B. Specific, Informed and Unambiguous

While seeking an individual’s consent, you must be specific and inform them of the usage of this data. You must also mention what type of data you process, why and when you will do it, and the procedures used to do it. You can specify these in detail on your privacy policy page. Users must also be given a complete right to withdraw consent and a procedure for how to do it. The organization must therefore always be able to prove the individual’s consent at any time.
C. Clear Affirmative

For any consent to be valid under the GDPR policy, an individual must explicitly confirm the approval, for example by ticking an unchecked opt-in box. So, pre-ticked boxes will not be considered consent under GDPR, according to Recital 32.

3. Duration of Consent

The personal information of the user is collected to perform some business tasks. But once the company has made use of this data, should it delete it? This section explains the duration of consent in brief.

Neither the GDPR nor the ICO has mentioned a period so far. But the ICO has said that the data would degrade over time. It entirely depends on the context. This implies that the user’s data will not last forever. Also, the company must ensure that the data stored is accurate and updated. It is preferred to keep the data for a short time. The company should set a time limit to erase as well as review it. One should also note that the data subject has the complete right to ask the data controller to delete their data anytime. In addition, Article 17 of the GDPR speaks in detail about data erasure.
VI. Fundamental Rights of Individuals

Individuals who provide personal information to any organization have various rights to exercise. Therefore, if a data subject wants to exercise a specific power or a group of powers, the controller must be able to provide it within the rule of law. The GDPR focuses on the following rights of individuals to extend the scope of the privacy law. Each entry below gives the fundamental right, its GDPR article number, and an explanation.

1. Right to Be Informed
GDPR Article No.: Art. 13-14
According to the GDPR policy, the controllers must inform the data subjects about the usage of their personal information. The data subject also has the complete right to know the details of the recipients who can view their data and the consequences of providing it.

2. Right of Access
GDPR Article No.: Art. 15
The data subject has full authority to view and access his or her personal information. They also have the right to know whether their data is processed or not.

3. Right to Rectification
GDPR Article No.: Art. 5(1)(d), 16,
The GDPR wants all personal information to be accurate. Therefore, in case of inaccuracy, the controllers must correct it and keep it updated. Also, individuals have the right to receive their data to rectify the errors.
4. Right to Erasure
GDPR Article No.: Art. 17
The data subject has every right to get their data deleted anytime. Also, the controllers must respect their opinion and remove it without delay.

5. Right to Restrict Processing
GDPR Article No.: Art. 18
The individual can restrict the processing of data anytime according to this right. Therefore, if he or she thinks that the data is inaccurate, no longer needed by the organization, or handled unlawfully, they can restrict the processing immediately.

6. Right to Data Portability
GDPR Article No.: Art. 20, Art. 29 WP
The data subjects always have the right to move or transfer their personal information between the controllers.

7. Right to Object
GDPR Article No.: Art. 21
The individual has the complete right to disapprove the usage of his or her data anytime. Also, this objection depends on any specific condition or the circumstances.

8. Rights Related to Automated Decision Making and Profiling
GDPR Article No.: Art. 22
The data subject has every right not to be subjected to any decision made solely by automated processing, such as profiling of their personal information.
VII. Penalties

In general, the penalty for GDPR non-compliance has two levels. The first is up to €10 million or 2% of the global annual income of the previous financial year. The second level of penalty is up to €20 million or 4% of the comprehensive yearly income of the former fiscal year. Article 83(4) and Article 83(5) of the GDPR list the criteria for the lower level and the higher level of penalty respectively.

It should also be noted that the penalty will not only include fines. It may include warnings, reprimands or suspensions of data processing. There are various criteria to determine the type and amount of penalties. You can find them below:

1. Customized Marketing

This factor is taken into consideration to identify whether the infringement was intentional or negligent.

2. Nature of Data Breach

Here the breach is categorized by different aspects such as the duration of the violation, the total number of affected people, the damages suffered by them, and the processing purpose.
3. Notification

It indicates the notification type of the infringement. That is, whether it was reported to the supervisory authority by third-party sources or by the organization itself.

4. Data Type

Since the organization collects different kinds of data, this criterion is used to determine the type of data impacted by the infringement.

5. Certification

This factor is used to check whether the firm comes under approved certifications or obeys the code of conduct.

6. Mitigation

It shows the measures taken to decrease the damage caused to the data subjects.

7. Preventative Measures

This criterion speaks about the technical and organizational actions the company has previously sought to prevent the non-compliance.

8. Cooperation

It explains the cooperation level of the organization with the supervisory authorities to deal with the infringement.

9. History

This factor considers all the past violations which come under the Data Protection Directive and also the GDPR.
VIII. Glossary

This section gives a brief explanation of some of the terms frequently used in this free guide.

Data Processing
In the GDPR lexicon, the term data processing refers to any act performed on a user’s personal information. It includes various operations such as data gathering, organizing, storing, structuring, updating, retrieving, using, erasing, and many more.

Data Controller
It refers to the person or the organization who controls the drive and also the data processing operation.

Data Subject
This term indicates an existing individual whose personal data is being used by the company.

Data Erasure
It is also known as the right to erase or be forgotten. According to this right, the data subject has full authority over their data, and they can also ask the data controller to delete his/her data anytime. In addition, Article 17 explains data erasure in detail.
Data Breach
In the context of the GDPR policy, a data breach refers to various activities such as unlawful or accidental access, misuse, destruction, etc. of an individual’s data.

Profiling
This term indicates an existing individual whose personal data is being used by the company.

Supervisory Authority
It refers to one or more persons appointed by each member state to observe and take care of GDPR compliance. That is, it is a public authority responsible for monitoring the application of GDPR.

ICO
ICO stands for Information Commissioner’s Office. It refers to the supervisory authority in the UK. At present, Elizabeth Denham is the information commissioner in the UK.

Data Protection Officer
Also known as the DPO, this is an expert on data privacy. The DPO works independently and is responsible for ensuring that an entity is adhering to the GDPR policy.

Third Party
It refers to the legal person, agency, or any public authority. The third party in the GDPR lexicon will not include the controller, processor, data subject and also the other persons who come under the influence of the controller to process the personal information.

Article 29 Working Party
The Art. 29 WP is an advisory body consisting of a representative from the data protection authority of each EU member state, the European Commission, and the European Data Protection Supervisor. This group was launched in 1996 and provides advice regarding data protection law.
About Blue Mail Media

Blue Mail Media is an excellent B2B marketing solution. It provides a long list of services such as industry relevant mailing list, data cleansing, and campaign marketing services. Blue Mail Media established itself as a campaign specialist having an extensive grasp of the behavioral aspect of the dynamic market. The brand is an exemplification of quality services and leadership. It is a top contender in mailing list services offering lists that justify client needs. Also, Blue Mail Media has catered its services to business avenues small and large alike. It has reigned as a household name among industry leaders and neoteric. Partner with Blue Mail Media to reach business goals at an affordable budget. Be amongst many who have joined hands with this trusted name in the mailing list industry.

Get your Complimentary 1 on 1 Consultation
1-888-494-0588 | sales@bluemailmedia.com | www.bluemailmedia.com
300 E Royal Ln #127, Irving, Texas 75039