The new EU data protection law has indeed changed the game, putting the consumer on the front foot as businesses must ensure they have express permission before making contact. This means that, in theory, cold emails and unsolicited marketing emails are a thing of the past.
Cast your mind back to the final week before GDPR came into effect. Email after email practically begging you to grant permission for businesses to keep on sending content that you never actually asked for in the first place.
Many, though, tried to be clever in how they approached GDPR by sending correspondence saying that, unless stated otherwise, they would automatically assume you are happy for them to continue contacting you. Quite simply this is not the case as, unless you have granted your express permission, it is a breach of the new EU privacy law. Failure to adhere to GDPR could cost the business as much as 20 million euros or 4% of global turnover.
Updated Privacy Settings
All websites and businesses must give you the option to delete your contact details from their database. It is now a legal requirement for businesses to remove these details when asked as consumers must opt in to receive any marketing material.
Businesses must also give consumers the option to choose how they wish to receive marketing material if they do want to remain on your mailing list. Online contact forms must give the option to choose as to how you want to receive any correspondence by email, telephone or SMS message, as an example.
Should Your Business Follow JD Wetherspoons’ Example?
Rather than ask each of the 650,000-plus contacts on its mailing list to opt-in to continue receiving news and offers, pub chain JD Wetherspoons took the step of deleting its entire database. By ‘securely’ deleting its entire mailing list, this ensures that the business cannot fall foul of new GDPR laws as a result of holding onto and contacting consumers without permission.
While this is, of course, a drastic step to guarantee compliance, it has been met with a positive reception (as well as generating media exposure for the brand). From now on, as per the email sent out to customers from chief executive John Hutson, all news will be shared via the company’s website and social media platforms, although JD Wetherspoons has since closed all of its social media accounts.
While the initial panic of GDPR seems to have settled down, it is still important to ensure that your business is compliant. If not, then every day you are gambling with your livelihood – is it really a risk worth taking?