Six Takeaways From the ON24’s Regulation Webinar That Will Ease Your Mind

GDPR went into effect on May 25. With significant penalties for non-compliance, and the fact that any organisation that communicates with people in the EU will have to comply, there was a lot of discussion in the run-up to the enforcement deadline. There continues to be a lot of discussions well after. Many companies are still struggling to comply with the regulations and have questions about various aspects of compliance. What are the regulations? What do we do if our company is not ready for GDPR? Does GDPR affect other departments aside from marketing? How do we build campaigns that help gain compliance?

ON24’s Insight50 Ask About: Regulation webinar addresses these questions and more. Webinar panelists Abigail Dubiniecki, senior lawyer and specialist at My Inhouse Lawyer, Richard Preece, Director at DA Resilience and Zach Thornton, External Affairs Manager at the DMA shared their knowledge and expertise to answer questions and discuss the various aspects of GDPR and what it means to companies.

Here are just six key takeaways from the webinar, moderated by Andrew Warren-Payne from Market2Marketers.

Most attendees aren’t compliant but they are getting there

If your company is not 100% compliant with GDPR, you are not alone. Of the webinar attendees, 48% reported that ‘We are not fully compliant but are taking steps towards it’ when asked ‘Where is your company in terms of readiness for GDPR?’

On this note, one important question came from the audience: if your contacts have not opted in by the 25th May deadline, does it mean you can no longer contact them? According to Zach Thornton, if your company is already abiding by opt-in consent rules and you have a continual engagement or relationship with your customer, this implies continual consent making renewal of consent unnecessary. He believes that companies going through this re-consenting process are wasting resources and might needlessly be keeping in touch with contacts that are consenting to receive marketing.

Procrastinators don’t panic

If you are feeling a bit behind on GDPR compliance, don’t panic. Abigail Dubiniecki, from My Inhouse Lawyer, advises not to panic and to think before you act. She has a Five-Step Procrastinator’s Checklist that can help you towards compliance.

  1. Know the law

Get on the ICO website and familiarise yourself with the following guidelines and tools:

ICO Direct Marketing Guide

ICO Guide to the GDPR

ICO PECR Guide

ICO Lawful Basis Interactive Tool

  1. Know your data

Know what kind of data you have. This is important because, as Dubiniecki says, “You can’t do things properly if you don’t know what you have.”

  1. Know your legal justification and your purpose

Segment your database and identify what the legal justification is for having those contacts. You’ll want to know the following information about your contacts:

  • Provenance
  • Preference they have
  • Purpose you are allowed to market to them
  1. Trim the fat

This is where you want to use your metrics. Find out how much engagement you have had with your contacts. From that point, you can purge those contacts that do not engage.

  1. Go forth and market, but do it appropriately and maintain good practices

Establish workflows and make sure you have a record of processing activities. Most importantly, make sure you train those people involved in these workflows and processing activities.

Make privacy a positive

Many of the webinar participants polled (39%) are not sure whether GDPR would be good for business. However, the majority (54%) felt that GDPR would have a positive effect on business.

This positive outlook on GDPR’s on the state of business is refreshing and in line with the advice given by Zach Thornton. He suggests that companies make privacy a positive. Transparent, common-sense guidance allows companies to address customers’ concerns about their personal data and let customers know that they are in control of how your company uses their data. Privacy can now be a company’s unique selling point.

A good example of an organisation making privacy positive is the BBC, which uses a layered privacy approach. This method provides the most important information to the contact first at the top layer (for example, on a sign-up form); thereafter, each layer of additional information gets more detailed but still gives a clear explanation as to how that information will be used. This approach makes it easier to explain privacy information for the average person.

Email is thought to be the marketing channel most at risk but what about sales activities?

Not surprisingly, email is believed to be the marketing channel that has the greatest amount of risk in reference to GDPR. Webinars were seen as the lowest risk.

But while much talk has been on marketing practices and channels that will fall under the scrutiny of GDPR, what about sales activities?

As Zach Thornton explained, because GDPR applies to the processing of personal data that can be linked back to an individual, it does apply to sales activities such as cold calling, contacting prospects via social media such as LinkedIn as well as the use of email prospecting tools. It is important to note that GDPR also applies to human resources, IT and any other department that processes personal data.

If marketing is designed properly, compliance will happen

So how can marketers design their campaigns to gain compliance? According to Abigail Dubiniecki, the answer is to design marketing campaigns that establish a reason for engagement and encourages the development of relationships. If marketing efforts, such as webinars, are created around the idea that people don’t want to miss out and the excitement of being part of something interesting, people will sign up so they can be notified of upcoming events. If you deliver value, compliance will follow

Compliance is an ongoing endeavor

The last takeaway from the webinar is one to keep in mind—compliance does not end; it is an endeavor. As Richard Preece explained, compliance is an ongoing process. It requires you to challenge the way you do things, to understand the risk and have a clear system in place. This system will allow for continuous improvements and adapts over time to the needs of your business.

Want to know more?

If you want to know more, the ON24 Insight50 Ask About: Regulation is available now on-demand.

GDPR, Marketing and the Shift to a Privacy-Centric World

It’s been a little over a month since the European Union’s General Data Protection Regulation, or GDPR, became law. The statute, taking effect on May 25, 2018, launched a slew of privacy update emails and last-minute data wrangling efforts from various companies across the globe. It has since inspired similar regulations, most recently California’s California Consumer Privacy Act of 2018 (AB 375). Additional regulations, originating from different countries or states, could be on the way.

Why all the hubbub?

There are a few reasons why GDPR inspired so much scrambling and continues to do so after its implementation. First, it affects companies on a global scale. Second, it shifts an organization’s control over collected data from companies to individuals. Third, organizations can only collect data on an individual if they actively ask the individual for consent or if that individual has a legitimate interest in that company’s dealings.

Not only that, but organizations also need to clearly explain why they are collecting data and what for. Companies will need to demonstrate they can easily delete collected data if either A). an individual requests it or B). if the data is no longer relevant to the reasons it was initially collected in the first place. Data cannot be kept indefinitely for no particular reason.

The central issue, and why this regulation impacts companies across the globe, is that it regulates any data belonging to any E.U. citizen, regardless of where that data, or the company using that data, resides. If, for example, a company hosts an E.U. citizen’s data in Canada, that company still needs to comply with GDPR or risk up to 4 percent of its global revenue.

So, yeah — GDPR is a big deal. And both companies and governments are still trying to wrestle with both its implications and its enforcement.

Ultimately, though, GDPR is good, even if it’s still unclear to many. It empowers individuals to control their data and gives companies the scaffolding they need to shift their marketing and data retention policies to focus on individuals who are actively interested in what a company has to offer. Think of GDPR — and similar legislation — as an opportunity to both better organize your data and shorten your marketing funnel by engaging with folks who are genuinely interested in your business. It’s an invitation to stop interrupting and start engaging by putting your audience’s interests first.

To help you on your journey, we’re putting together a GDPR webinar. We’ll give you the low-down on the new law and how webinars can act as a powerful tool to help you stay in compliance and generate better pipeline. If you’re in the European market, join us on July 12 at 11 a.m. BST. If you’re in the United States, join us on July 17, at 11 a.m. PST (2 p.m. EST) to get a better understanding of what GDPR means for you and how you can use webinars to get ahead of privacy regulations.

ON24: GDPR Ready

I hate rules. And, I think the best marketers are those who break them.

Which is why I’m surprisingly ok with the larger mission of the EU’s forthcoming, and discussed-to-death General Data Protection Regulation (GDPR).

Yes, it’s a pain in the ass, but I fundamentally believe the challenge is one all marketers should embrace, inside or outside the EU. Let’s use the deadline of May 25th to ask ourselves some big, uncomfortable questions about the way we’re engaging with prospects. Is the interaction human? Are you getting any more besides an unsubscribe notice from your very generic email?

It’s time to take a step back and examine whether all this marketing technology is adding or taking away from the relationship we’re all relentlessly trying to build with our customers and prospects. And, of course, make sure your technology is GDPR-ready.

The good news is that ON24 has you covered on both aspects. We’ve built our platform to make engagement more human through live, on-demand and personalized experiences. And, our privacy and product experts have worked very hard to ensure the data you collect along the way is kosher with the EU’s new policy.

So, we’ve got your back, webinerds… Keep on breaking (most) rules, stop spamming, and start engaging!