What do I need to do about GDPR?

There is a lot of information going around about the impending GDPR regulations. In this blog, we’ve kept it simple and to the point and we’ve included handy links for you as well.

What is GDPR?

GDPR stands for General Data Protection Regulations that are coming into force on 25th May 2018.

“What GDPR relates to, is being able to process data for the purposes of direct marketing, which includes storage, segmentation, profiling, matching, sending direct mail, making marketing phone calls and electronic marketing in the B2B sector.” – Tim Roe, Compliance and Deliverability Director at Redeye International.

Basically… if you or your business use any kind of email marketing, make sales calls or use any kind of tracking tools on your website (such as Google Analytics), when the law changes, the way you use any data collected will have to change too!

Jargon Buster…

GDPR   General Data Protection Regulations – What data you capture and how you use it.

PECR    Privacy and Electronic Communications Regulations – Everything to do with cookies, phone calls, emails, texts, faxes (remember them?), secure comms, online privacy

TPS      Telephone Preference Service – You can register to STOP sales call.

CTPS    Corporate Telephone Preference Service – The corporate version.

ICO      Information Commissioner's Office – A strict, independent authority that will punish your business if you call someone who is on the TPS list!

SSL      Secure Sockets Layer – The little padlock icon that should appear in the browser bar when on a website.

How does this affect you…

Privates on display

Has your website got a Privacy Policy? Well, it needs one. People have a right to know what personal information you’re storing about them, and what you’re doing with it. This includes anything from their IP address to what pages they’re looking at. We can help with this, just send us an email 

Never assume!

Always ask permission! You need explicit permission from anyone you intend to send email marketing to. The easiest way to do this is asking them to opt in. Don’t assume they’ve given permission, don’t pre-tick a box, don’t baffle them with jargon hidden in your Privacy Policy – be clear with a statement and a tick box on your site’s contact forms, registration forms or check out pages. Contact us to talk about how we can help.

When? How? What?

As part of the new laws you will need to keep a record of WHEN they gave you permission/opted in, HOW they opted in and WHAT they agreed to. To discuss the best ways to do this speak to our Account Management team

What about the data you already have?

Review the details of any existing data that you’ve obtained – what they have agreed to (if anything?), how did you get their details and what you intend to do with them. If, and only if, you obtained someone’s details when they bought something from you, then it’s ok to send them relevant marketing thanks to PECR allowing for something called ‘soft-opt in’. HOWEVER this is only a temporary fix as PECR is soon to be replaced with new, stricter, probably more complicated laws! You will then need to notify everyone with your new or updated Privacy Policy.

Hello? Is it me you’re looking for?

Whilst we’re on the subject of PECR, this legislation states that you don’t need explicit consent to make a sales call… BUT be sure to check the TPS and the CTPS for any names or business registered on this list… or be faced with a hefty fine! These people do not want to be contacted!

Easy opt-out

Whether you’re calling, emailing or texting people – they have a right to ‘opt-out’ of any means of communication at any time. This could be as easy as a number to call, a mail box to message or a link to click – whatever it is, don’t wait until May to do this. The sooner you start complying with the GDPR the more smug you can be in May 2018! Oh, and remember to remove them off your contacts list, it’s kind of the point! Talk to us about your options.

Some other bits to consider…

That little padlock that appears in your browser bar when you look at a website actually has a purpose! It shows that a website has an SSL Certificate meaning people will view this website as ‘secure’. However, should this padlock not appear, Google will flash visitors with a big angry red alert and class a website as ‘unsecure’ which can put people off!

Although GDPR may make life temporarily difficult – it does have all our best interests at heart. It’s not all doom, gloom and hoops to jump through though – turns out you DON’T need explicit consent to send a mailer, letter, brochure or catalogue! As long as your opt-out procedure are present and correct, sending relevant direct mail is classed as legitimate interest!

Speak to the team about how a Direct Mail campaign can work for you and your business.

Posted by: Harriet

Date: 4 January 2018

Email Updates

To get all the latest from RizkMcCay including handy design and marketing tips via email, please add your details here.

By opting in you agree to our specific terms and conditions for marketing.

We’re ready to listen

If there’s a project on your radar that we can help with, get in touch. The kettle’s always on...

RizkMcCay Limited
Regency House
21 The Ropewalk
Nottingham NG1 5DU

T: +44 (0)115 941 1169

RizkMcCay Limited
Oak House Business Centre
Witham Park, Waterside South
Lincoln LN5 7FB

T: +44 (0)1522 839527


* Mandatory Fields