A more practical take on the GDPR

Practical Take on GDPR

How the new regulations will impact your organisation?


Unless you’ve been living under a rock for the past year, you would have noticed the ‘oncoming storm’ that is the GDPR. Your inbox would be filled with invitations to seminars and briefings about the new legislation with solicitors and other pundits giving their interpretation of the law and the guidance that has been published so far.

Paragon too has been offering help to our clients. But rather than drowning people in ‘legalese’, our subject matter experts have been looking into the detail of the rules, the best practice that is starting to surface and drawing on their extensive industry experience in direct communications to assess the practical impact it will have on marketing communications. What does it mean in practice? How can we all be compliant, but still continue to use data and personal information appropriately to market more efficiently and effectively.   It is a complex challenge and something organisations need to take action on now. If you are feeling a bit confused or overwhelmed by it all, we can help.

So what is GDPR?

The General Data Protection Regulation has been compiled by the European Parliament, Council of the European Union and European Commission and intends to strengthen data protection for all individuals within the EU. The GDPR will apply in the Europe from 25th May 2018 and the UK’s decision to leave the EU will not affect that commencement. It will apply to all personal data, including sensitive information, and mandates that organisational control and customer & employee data is processed in accordance with the law.

So, the practical upshot is that you have to know where all your data is, map those processes and assess the risks involved. You need to manage people’s preferences across the organisation. Having a Single Customer View will help you in this, so if your data is sitting around in lots of unconnected pots, it’s going to be harder hill to climb. But we can help here too. 

Two areas under GDPR that particularly impact on marketing fall under Consent and Legitimate Interest. Organisations must ensure that consent is freely given (not co-erced), specific, informed and an unambiguous indication of the individual’s wishes. There must also be a clear affirmative action by the consumer, so consent gathered for example, pre-ticked boxes or through silence previously will not cut it under the GDPR. You may need to re-permission slabs of your database or risk losing them. Honesty and transparency are key but there are other supporting approaches we could help you explore.  Under GDPR, consent management becomes an organisation wide and ‘always on’ process and we can build you a compliant preference centre to manage this. Not getting the right consent will seriously impact on your ability to communicate digitally with your customers, so you need to get it right.

Direct Mail remains an opt-out media channel (though some organisations are choosing to self-restrict by moving to opt-in voluntarily). However, this will only be possible through invoking legitimate interest that balances the organisations objectives against those of the customer.  We’ve looked at this in detail and have developed an approach that will help deliver this balance – and do you know, it reflects what is best practice in marketing communications anyway, making sensible and appropriate use of data to both your organisation and your customer’s benefit. To a large extent GDPR was designed to reign in some of the ‘Wild West’ tendencies of digital communications. Timely, relevant and motivating Direct Mail and the power of the physical never went away but will grow in use – watch this space.

Why do you need to know about the GDPR?

If your organisation uses personal identifiable information (and we all do) then you need to be aware of the GDPR and the implications it could have on your business and take actions to be compliant.

All organisations need to ensure they are lawfully using customer, employee and other data correctly, whilst also being able to gain insights from it to influence business decisions and their marketing activities. Apart from the eye-watering fines (up to 4% of global turnover) it’s the right thing to do. The GDPR is great reset point to ensure we are all making the most of customer data and we shouldn’t be afraid of the potential impact on our database size – those left will be truly engaged. It’s about having confidence in the brands and our skills as marketers to motivate consumers to take an action and engage with us on their terms.

How can we help?

Paragon Customer Communication’s team of subject matter experts are well placed to explain the practical impact that the GDPR will have on your communications and the solutions that we have developed around data exploration, consent and preference management, re-permissioning and breach notification that could help you meet your obligations under the new regulations.

To find out how we can help you and your organisation gain compliance, please fill in the contact form below and our experts will be in touch:


Marc Michaels

Director of Strategy & Insight | Paragon Customer Communications

E: marcmichaels@paragon-cc.co.uk

M: +44 (0)7875 134 818