General Data Protection Regulation - GDPR Readiness for Small Business

GDPR Readiness

GDPR Readiness

 General Data Protection Regulation

GDPR Readiness is a MUST

As of May 25, 2018 is GDPR readiness is a mandatory regulation. GDPR is compliance with the Generall Data Protection Regulation. The European Union is enforcing regulation and the world will comply or be fined substantial penalties.

GDPR impacts the globe. This not hype or exaggeration. Non compliance will cost you a hefty sum. You face fines of $10 million to $20 million despite your size or length of time in business. Readiness is imperative.

Where ever you are on the planet if you own and operate a business using a website you must comply with the new regulation mandated by Europe.

If you do not own a business then you are an ordinary shopper, buyer some type of product. In a global environment you purchase your product online or offline. You now have the right to know from an entity how your name, email address and physical address is stored and used.

Are you part of a remarketing campaign? Is your email address an asset as part of a sale of a business? Will a marketer offering you a product also offer up your email address to another marketer who offers a similar or comparable product? Those marketers need your permission to do that. Those marketers have needed your permission since the Federal Trade Commission made it mandatory in the United States.

It seems like something much more illicit is going on but it is not.

Since 2005 the Federal Trade Commission enacted rules for marketing and online business. The rules support the concept of permission based marketing. Yet so many marketers, small business owners, IT professionals, large and medium sized businesses have flouted the law. It’s been a field day. Entities that never asked permission to email you now flood your inbox. Some email you 6 times during daylight hours and 8 hours at night.

As a result, text messaging, remarketing, email marketing, banner ads, and any other form of marketing will be strictly regulated because some entities are desperate to meet quota, make a sale or develop a relationship with you. Obviously the rules were not read.

At our company, we would ‘die and consciously go out of business’ rather than hound your inbox. Our philosophy is simple. If you did not respond then our offer does not interest you. Just that simple.

Here are a few of the GDPR Readiness requirements as defined by BING Digital:

  • Email marketing – Recipients of your email marketing materials must have given you permission to contact them and you must also be able to show when and how they did this.As a member of our list you receive infrequent email from us. Now we will ask your permission. We will remind you how you came to be on our list initially because we keep that information. You will learn how you ended up on our list by identifying the ebook we offered that you agreed to receive. We keep that data too. 
  • Privacy policy – If your site hasn’t got one already, you will need a privacy policy in order to comply with GDPR. Failure to provide one could lead to a fine.Our Privacy Policy is clearly stated under our Privacy Policy contained within our Policies on our website. We encourage you to read our Privacy Policy and invite you to contact us if you believe our Privacy Policy is not compliant.
  • Opting out – You must make it easy and straightforward for people to opt-out of your marketing materials. The simplest way of doing this is to provide a contact email or contact number on all your marketing correspondence.Our format for opt-out email will change from the bottom of our email messages to the top of our email. Essentially before hello we will offer your the option to opt-out. This format will become our new standard.

As good corporate citizens we always share relevant links to topics we cover. Here is no different. We have discovered the United Kingdom’s resource guide on compliance and invite you to review it carefully. The Information Commissioners Office found at offers a free resource called Preparing for the GDPR in 12 Steps. You can download it here.  Now we understand the United Kingdom’s decision to exit the EU. As a result, the English understand this change much better than we Americans so read their perspective and modify yourself for GDPR Readiness, or get help here. Bear in mind, the United Kingdom is subject to this regulation as well. No business, no country, no website is immune.

Consequently, what began as a policy document is now an opportunity share insights. You will see this document again. We hope it will be helpful to you. Read our latest post here.