What Matters About GDPR Now That Everyone’s Sick of Hearing About It
At the end of May, GDPR – the General Data Protection Regulation – went into effect giving residents of the European Union (EU) more control over their personal data. The regulation is being called one of the most important consumer data privacy changes in nearly two decades. The immediate result was a flood of email subscription re-verification requests and cookie notices on websites. Emails. Banners. Pop-ups. Opt-ins. New privacy policies. You’re likely tired of seeing them.
Think of it as GDPR fatigue.
But don’t glaze over and file GDPR in the back of the drawer with your frantic Y2K memos. It would be a mistake to take a “one and done” approach. It would be short-sighted to update your consumer data privacy policies and opt-in mechanisms strictly to meet the requirements of the new regulation. Here’s why: GDPR signals something very important to you as a financial services marketer.
Consumers want – and are gaining – more control over personal data.
This comes on the heels of the Facebook-Cambridge Analytica scandal and a growing number of major data breaches. Whether the U.S. adopts a policy similar to GDPR or not (U.S. consumers seem more open to sharing data in exchange for personalization), the momentum is building toward revised privacy policies and consumer data protection.
We suggest that brands embrace this change.
In May, Michelle Dennedy, chief privacy officer at Cisco, told MarketWatch, “GDPR is not the end. It is the beginning of the era in which we start to value personal data.” And on the Cisco blog in mid-June, she wrote, “When privacy is done right, that knowledge will bring customer confidence and trust in the vendors who demonstrate respect for their data.”
We agree. Consider the items affected by GDPR – privacy policies, email opt-ins and verifications, data storage notices, breach notifications, etc. – as opportunities to express how much your brand values its customers and their data. Collecting and protecting consumers’ personal data more carefully (and more transparently) can boost your reputation and create greater customer loyalty.
Of course, it’s important to pay attention to the technical stuff, too. Fight your GDPR fatigue long enough to check in with Media Logic’s downloadable GDPR Guide for an overview of the new requirements, visual examples of GDPR compliant privacy policies and email opt-ins, Google Analytics data retention updates and WordPress admin functions affected by GDPR.
If you are unsure if GDPR affects your brand, it is always best to seek legal counsel on regulations of this magnitude. As one of our team members says, these guidelines and regulations “have some teeth behind them.” High penalties include €20 million in fines (equal to approximately $24.5 million), or 4% of a company’s global annual revenue (whichever is higher).