The GDPR changes prospect and customer engagement rules.
The conditions for obtaining prospect consent are stricter under GDPR requirements, as the individual must have the right to withdraw consent at any time. There is also a presumption that consent will not be valid unless separate consents are obtained for different processing activities.
- Newsletters | This means you have to be able to prove that the individual agreed to a certain action, like receiving a newsletter for instance. It is not allowed to assume or add a disclaimer, and providing an opt-out option is not enough.
- Marketing and sales activities | Companies will have to review business processes, applications and forms to be compliant with double opt-in rules and email marketing best practices. For example in order to sign up for communications, prospects will have to fill out a form or tick a box and then confirm it was their actions in a further email.
- Audit Trails | Organizations must prove that consent was given in a case when the individual objects to receiving the communication. This means that any data held, must have an audit trail that is time stamped and reports information detailing what the contact opted into and how. It must also be possible to permanently delete data from your CRM systems.
- Purchase marketing lists | The company is responsible for getting the proper consent information, even if a vendor or outsourced partner was responsible for gathering the data.
- Trade Shows | In the corporate world, sales people meet potential customers at a trade show, they exchange business cards, and they add the contacts to the company’s mailing list when they come back to the office. In 2018, this will not be possible anymore. Companies will have to look at new ways of collecting trade show prospect information.