General Data Protection Regulation - GDPR Readiness for Small Business

GDPR Readiness

GDPR Readiness

 Global Data Protection Regulation

GDPR Readiness

Coming, as of May 25, 2018 is GDPR readiness. GDPR is compliance with the Global Data Protection Regulation. The European Union is enforcing regulation and the world will comply.

This regulation impacts the globe. Non compliance with cost you a hefty sum. Try $20 million despite your size or length of time in business. Readiness is imperative.

Where ever you are on the planet if you own and operate a business you must comply with the new regulation mandated by Europe.

If you do not own a business then you are an ordinary shopper, buyer some type of product. In a global environment you purchase your product online or offline. You now have the right to know from an entity how your name, email address and physical address is stored and used.

Are you part of a remarketing campaign? Is your email address an asset as part of a sale of a business? Will a marketer offering your a product also offer up your email address to another marketer who offers a similar or comparable product? Those marketers need your permission to do that. Those marketers have needed your permission since the Federal Trade Commission made it mandatory in the United States.

It seems like something much more illicit is going on but it is not.

Since 2005 the Federal Trade Commission enacted rules for marketing and online business. The rules support the concept of permission based marketing. Yet so many marketers, small business owners, IT professionals, large and medium sized businesses have flouted the law. It’s been a field day. Entities that never asked permission to email you now flood your inbox. Some email you 6 times during daylight hours and 8 hours at night.

As a result, text messaging, remarketing, email marketing, banner ads, and any other form of marketing will be strictly regulated because some entities are desperate to meet quota, make a sale or develop a relationship with you. Obviously the rules were not read.

For this company, we would ‘die and consciously go out of business’ rather than hound your inbox. Our philosophy is simple. If you did not respond then our offer does not interest you. Just that simple.

Here are a few of the GDPR Readiness requirements as defined by BING Digital:

  • Email marketing – Recipients of your email marketing materials must have given you permission to contact them and you must also be able to show when and how they did this.As a member of our list you receive infrequent email from us. Now we will ask your permission. We will remind you how you came to be on our list initially because we keep that information. You will learn how you ended up on our list by identifying the ebook we offered that you agreed to receive. We keep that data too. 
  • Privacy policy – If your site hasn’t got one already, you will need a privacy policy in order to comply with GDPR. Failure to provide one could lead to a fine.Our Privacy Policy is clearly stated under our Privacy Policy contained within our Policies on our website. We encourage you to read our Privacy Policy and invite you to contact us if you believe our Privacy Policy is not compliant.
  • Opting out – You must make it easy and straightforward for people to opt-out of your marketing materials. The simplest way of doing this is to provide a contact email or contact number on all your marketing correspondence.Our format for opt-out email will change from the bottom of our email messages to the top of our email. Essentially before hello we will offer your the option to opt-out. This format will become our new standard.

As good corporate citizens we always share relevant links to topics we cover. Here is no different. We have discovered the United Kingdom’s resource guide on compliance and invite you to review it carefully. The Information Commissioners Office found at offers a free resource called Preparing for the GDPR in 12 Steps. You can download it here.  Now we get the United Kingdom exited the EU. They understand this change much better than we Americans so read their perspective and modify yourself for GDPR Readiness.

Finally, what began as a policy document is now an opportunity share insights. You will see this document again. We hope it will be helpful to you. Read our latest post here.