GDPR and CRM – how much do you remember?
Published: January, 2019
The New Year is here, and we’ve been doing some early spring cleaning. After the busy latter half of 2018, it’s fair to say that some people’s knowledge of GDPR has gotten a little dusty. But don’t worry, we’re here to help shake those brains free of any lingering GDPR cobwebs. Let’s get started: shall we keep or blow away these statements?
“I was GDPR compliant on the 25th May 2018. Job done !”
Let’s definitely blow away this statement.
GDPR was not based solely on a fixed deadline, and GDPR compliance on a fixed date will not continue indefinitely.
Some of the key pillars of the legislation are around the ongoing management of data, and your processes. A
It’s not suggested that you change all your company’s processes every day, but if there is a significant change to your business or the landscape in which your business operates, then your processes will need to accommodate the change.
What is a significant change, you ask? That is up to you to work out for your individual business.
A compliance step is taking Privacy Impact Assessments on proposed business changes to deem their significance to data protection.
Cloud storage systems such as SharePoint can be helpful to smaller businesses to record their privacy impact assessments.
“Having a GDPR compliant CRM system makes my company GDPR compliant.”
Dust this statement away quickly!
Whilst a ‘GDPR compliant’ CRM system won’t hinder your compliance journey, there is no single solution for compliance. Compliance is made up of a multitude of factors; technology is only one of these.
However, CRM systems are a very positive step to take.
It must be remembered though that a ‘GDPR compliant CRM system’ can be a misunderstood phrase – it is possible to use such a system in a noncompliant way.
A ‘GDPR compliant CRM system’ describes its design and infrastructure rather than the use of it. Using it will not make you compliant, but it is designed to guide general usage in a compliant way and built with compliance in mind.
For example, it is possible to import third-party mailing lists into most CRM systems, but this is often not advised since there can be no guarantee that the data has been obtained lawfully. In fact, certain marketing software such as ClickDimensions disallows use of these type of lists in their terms of use.
“GDPR negatively affects my relationship with my customers!”
You get points for being concerned about your customer relationships, but this statement can be brushed away too.
This statement would only be true if every aspect of your business was entirely noncompliant with GDPR. For you though, GDPR positively affects your customer relationships!
It should not be forgotten that the heart of the General Data Protection Regulation is to enhance the rights of EU citizens and increase your accountability. Customers are not put off by the fact that you are abiding the law, are accountable and transparent to them, and are respecting their rights.
If your concerns are around your communications and marketing activities with your customers, the same sentiment applies. Good business relationships are based on trust, and it is important that the customer knows that your relationship with them is legitimate.
What would negatively affect your relationship with your customers is if you communicated irrelevantly with them against their will. The GDPR compliant act of managing customer subscription and communication preferences ensures that your communication with your customers is relevant and desired.
Additionally, culling your databases of dead emails and contacts that you haven’t spoken to in 20 years is positive for your business relationships, amongst other things. Your marketing efforts and success metrics won’t be skewed by fruitless connections and you can better focus on your profitable relationships.
GDPR and the concept of CRM share certain pillars – that your customer data should be clean and organised, and that communications with your customers should be relevant. If you’re already using a CRM system, you are supporting a GDPR compliance sentiment.
If you aren’t using a CRM system, make sure that you have the resources available to safely and legally manage your customer’s data. Your customers are relying on you.
Disclaimer: We are not lawyers and this article is not official legal guidance. If you have any doubts about your GDPR compliance in the UK, consult the Information Commissioner’s Office.
− Katrina Caswell, Marketing Assistant
To find out more about CRM and GDPR, please contact us.
Related Articles and Information: | Systems are not compliant with GDPR, Processes are CRM Systems & GDPR Compliance: Recorded |