How will GDPR affect B2B Telemarketing?
GDPR comes into full force in May 2018, and there are still big concerns as to what this means for B2B marketing. The good news is that B2B marketing will be far less affected than B2C, but there are still regulations you'll need to comply with.
The General Data Protection Regulation covers the personal data of EU citizens. GDPR is changing the way businesses process personal data, requiring greater transparency and stricter limits on how you can use it. The penalty, if you're found to be non-compliant, is significant - up to €20 million or 4% of your last annual turnover, whichever is greater.
So what's changing?
The rules around consent to use data will become far more specific, which can affect direct marketing campaigns. All processing of personal data needs to be documented, and large organisations or companies that process large amounts of data may need to appoint a Data Protection Officer to ensure compliance with GDPR.
There are now six lawful reasons for contacting someone using and processing their personal data:
- They have consented to be contacted by you
- It is necessary for the performance of a contract with the data subject
- There is a legal obligation to contact them
- It is necessary to protect the subject's vital interest
It’s necessary to perform a task in the public interest
Necessary for the purposes of legitimate interests (except where such interests are overridden by the interests, rights or freedoms of the data subject)
The two main points that will be relevant to B2B marketing are points 1 and 6 - consent and legitimate interest.
Consent is the most commonly known form of legally processing personal data, but regulations will tighten when GDPR comes into effect. There must now be a definitive 'opt-in' process which can't be ambiguous in any way (such as pre-ticked boxes to consent). If email campaigns are based on consent, you'll need to check that your opt-in process is compliant with new rules and keep records of every piece of data and proof of their consent.
Legitimate interest has been specifically noted to include direct marketing, so you are allowed to process personal data if you can demonstrate that the data subject could be likely to have an interest in what you're marketing. This is a big thing for email marketing: for example, if you offer an accounting software, you're able to obtain the contact details of finance managers of companies who may benefit from your software. This is a perfect scenario where legitimate interest applies to both parties in B2B marketing.
The basis for legitimate interest is subjective, so you must keep records of all personal data that you process and how you came to the decision that legitimate interest applies. There must also be a clear option for anyone to opt-out of any marketing, whether they have given consent or not.
What about cold Calling?
Cold calling should also fall under the grounds of legitimate interest, providing your data is sourced based around who may benefit from your product or service. Again, you'll need to be able to demonstrate that data is compliant with regulations and that legitimate interest applies to the data subjects.
It's understood that B2B telemarketing will be far less impacted than B2C. Companies should ensure that their data is compliant with regulations before the GDPR comes into effect. If you're already considering outsourcing your telemarketing, GDPR may mean it's more straightforward for your company to do so. Our processes are already compliant with new regulations, and us managing data processing for your business means you can focus on what you do best.
We'd love to discuss how we can help you once GDPR comes into effect. Contact us on +44 (0) 161 504 0608 or follow the link below to get in touch.
DISCLAIMER: We have conducted extensive research into the GDPR and written this based on the best currently available information, with the intention of helping our clients to become better prepared ahead of GDPR coming into force. Straight-line Marketing however does not provide legal advice, and cannot be held responsible for the GDPR compliance of any organisation other than its own. It is the responsibility of each business to ensure their own compliance with the GDPR. If you have any need for legal advice, please contact a solicitor or visit the ICO website for further information