Why Your B2B Marketing Team Needs GDPR Compliant Data
Did you hear about British Airways being fined £20m for a data breach?
It’s scary to think that if you don’t secure your data, you could find yourself facing the same fate…
Yep, the ICO is always watching…
And B2B marketers aren’t excluded because:
If you work with any personal data, you need to make sure you’re staying GDPR compliant.
But how should marketing teams do that?
From campaign marketing to product marketing, we delve into why you need GDPR compliant data and how best to go about it.
Scroll 👇 to start, or 🖱️ click one of the headings below to go straight to that section.
- Clean data is an essential component of lead generation. Why? Because it helps you generate quality leads.
- B2B data helps you understand your customers’ needs - meaning you can create compelling messaging that has relevance to their challenges and goals.
- Accurate data helps create effective B2B marketing, and if not, shows you how you can improve.
So what does GDPR-compliant data have to do with this?
Secondly, if your data is compliant and from a reliable source, it’s accurate, which makes it all the better for marketing.
We know it can be daunting, so here’s a quick breakdown of what data you can and can’t process as a marketer:
This is any information that can directly or indirectly identify an individual, and it’s what the GDPR is trying to regulate and protect.
This data includes names, identity numbers, locations and email addresses or usernames. It’s a pretty broad definition, though, so even cookies and IP addresses fall under personal data.
Business data doesn’t apply to the GDPR. So anything related to a business, such as its name, public email and landline number, is fair game.
However, personal business email addresses can fall under personal data. This means that if an individual's name is in an email address, it must be processed under GDPR.
Let’s look at how GDPR compliant data affects each tier of marketing 👇.
If you’re still spraying and praying when it comes to your marketing campaigns, it ain’t good…
The best campaigns come from highly strategised, specific targeting.
If your campaign includes email marketing, you’re going to want to do the same, but with segmented lists.
The only problem is, under the new GDPR laws, you need to have consent to market to everyone on that list.
✅ Consent must be freely given - you absolutely have to give people a choice when it comes to how you intend to use their data.
✅ Consent needs to be outlined in clear and concise terms - this means you can’t bundle it with other T’s & C’s, and the language used needs to be understandable.
✅ You absolutely have to have an unsubscribe button - people have to be given the choice of who can and can’t hold their data.
Sounds pretty straightforward, doesn’t it?
Hold on a minute; it’s not actually that easy…
For your customers' consent to be legitimate, they needed to have “opted-in” to your marketing.
👉 Opt-ins have to be part of a separate process, and you need to be transparent about what you intend to use their data for.
This doesn’t mean ‘marketing’ and everything you can squish under that label.
Nope, you need to explain:
- What you plan to use their data for
- Your lawful basis for processing their information
- Who you will share it with
- How long you plan to keep it
It’s a good idea to store all your permissions data on a secure CRM. This is so you can keep track of who has opted in and out of certain topics, ensuring you stay GDPR compliant.
Now, if you have a campaign that asks for your prospects to refer a friend to receive a freebie, you need to keep in mind that the friend hasn’t permitted you to use their data, so you can’t process, store it or use it for marketing purposes.
However, you can email them a notification to let them know their friend referred them.
Which brings us to:
Every individual has the right to be forgotten.
Now before you think we’re getting all morbid on you, the right to be forgotten isn’t some Eternal Sunshine of the Spotless Mind mambo jumbo - it’s actually a term under GDPR. It means if someone asks you to remove and destroy ALL the data you hold on them, you have to do it.
Remember, the GDPR isn’t a directive; it’s a legally binding regulation. If you fail to comply, you can be fined up to €20 million or 4% of your global turnover!
What does this mean for the future of campaign marketing?
It’s not a huge train smash. Permission-based marketing strategies keep you GDPR compliant and generate more leads for less cost, but it does take a bit longer than outbound lead generation. You can get permission via website pop-ups, direct mail and online forms.
This tactic affords you the ability to discover more about customers who’ve shown interest in your product or service. The upshot is you can increase the leads entering your sales funnel and target them with more specific and relevant campaigns.
Everything discussed above stays precisely the same when it comes to performance marketing.
✅ Even though they may have approached you from an internet search, online advertisement or social post, your prospect still needs to opt-in for marketing, and they still have the right to be forgotten.
An easy way to manage this is to create a separate landing page where they can optimise their SaaS marketing preferences. Always, always give the option to unsubscribe within all correspondence.
The only difference when it comes to performance marketing is that it’s more of an inbound lead generation approach. It’s where you engage and advertise to prospects with the idea they’re going to come to you, rather than you finding and approaching them through a campaign.
This means you’ll need to focus on a few different aspects of GDPR in order to stay compliant - starting with keeping thorough records of where your data has come from:
If the ICO decides to investigate you, you have to document all processes associated with your prospects’ personal data. So if a customer found you from a Google ad and reached out to you, you need to have a record of that.
If they never made it through the funnel to become a customer and you reached out to them with other product news based on legitimate interest, you need to keep a record of that too.
Seems like a daunting task, doesn’t it?
It doesn’t have to be. There are loads of automation tools and solutions available to help you manage your data and the documentation that comes with it.
What’s more, if the ICO investigates you, you’ll be subject to periodic reviews, so having up-to-date records will be well worth avoiding a hefty fine.
What does this mean for the future of performance marketing?
By keeping records of your processes, permissions and procedures, you’ll be able to utilise your data compliantly and effectively. Plus, having a great framework in place for your entire team will keep all of your data up-to-date and accurate - which keeps the ICO happy!
Of course, the same rules apply for all marketing, but with product marketing, you can be a little bit more flexible.
Have you ever heard of legitimate interest?
It’s where you can market to:
- Anyone who’s shown interest in a product or service similar to yours
- Anyone, as long as you can prove that they might have a legitimate interest in what you’re selling
For example, if you’re selling sales intelligence software that can help a sales team, then you can reach out to sales leaders without them having to opt-in. However, if they object to your marketing, you have to stop, and as always, you have to give them the option to opt-out or unsubscribe.
Which is very different to marketing to prospects who have given you consent - they can’t object to your marketing, but they can withdraw their consent at any time.
Bringing us to:
- They’ve given you consent
- Or you have viable reasoning and proof that your marketing is in their legitimate interest
So, as long as you processing their data doesn’t infringe on their rights and freedoms, go right ahead and reach out to prospects based on legitimate interest!
What does this mean for the future of product marketing?
Not too much will need to change if you’ve put policies together regarding how you collect, process and store personal data.
This is to show you haven’t just bought a lead list and contacted everyone on it under the guise of legitimate interest. You need to show that you’ve put thought into choosing the prospects you’ve reached out to.
Stay compliant with Cognism
Say goodbye to the stress of trying to stay GDPR compliant.
It’s the reason why we’re THE world’s best global sales intelligence platform.
What are you waiting for?
Book a screen-share with us by clicking the button below 👇.
The contents of this article are for the purposes of general awareness only. They do not constitute legal or professional advice. The content may have changed since this article was published. Readers should take appropriate professional advice for their own particular circumstances.