Disclaimer – We are not providing any legal advice or consultation pertaining to GDPR or other compliance issues. Please consult with your legal teams and resources to ensure they are aware of their obligations under applicable regulations.

SugarCRM has found that the implementation of GDPR does not mean the end of data-driven marketing and GDPR can even be seen as a positive with regards to marketing for many businesses. This is because the individuals that companies will be marketing to will have previously actively indicated that they are happy to receive marketing communication and will therefore likely find value in the content that is being sent to them and be more receptive and interactive.

However, it is highly important that businesses adapt their current processes with regards to collecting and processing personal data to be in line with the new GDPR rules.

Listed below are Sugars’ key items for businesses to think about:

The Double Opt-In

It is recommended that going forward all marketing is only sent to individuals that have performed a double opt-in. By default, the individual should be opted out to receiving marketing communication, they must first express an interest in receiving communications, this could be via a web form for example. Once the business has received a request to opt-in to receiving information, the business can then send a follow-up communication to confirm the request. Until confirmation is received, the individuals’ data cannot be used for marketing. Ensure that you record details of the double opt-in as proof of opt-in.

NOTE: Opt-in is different to consent. Consent means that the business has permission to store or process data for the purposes provided in the policy. Opt-in means that the business has permission to send marketing communications. The individual can give consent but may not opt-in.

Transparency is key

Individuals’ data needs to be treated with respect and held securely. It is down to the business to ensure that they are able to demonstrate why the individuals’ data is being collected, the purpose for why the data is being stored and that only required data is being collected.

Power now lies with the customer

GDPR will give individuals more control over how and why their data is collected and stored and will also give them the power to request the erasure of their data. It is thought by many that a right to erasure request will usually follow an unpleasant experience, therefore it’s important to ensure that businesses are marketing responsibly and providing a good customer experience.

GDPR can come across to businesses as a negative item that will have a negative impact on your marketing, however, even though it was designed to give the individual more power it can also help businesses to better define their audiences. They may only be able to market to a smaller audience but that audience will be more receptive and interactive and therefore possibly yielding better results.

Check out Sugars’ eBook: Getting Ready for GDPR – A Practical Guide for more information.

Chloe is Sugabytes Customer Success Manager. Ensuring our existing customers of Sugabyte continue to be successful using SugarCRM and Act-On.