GDPR - time to get planning
The new European General Data Protection Regulations (GDPR) come into force on May 25, 2018 - and it's a big deal.
If your resort has a database of names, uses email marketing, sends direct mail or makes sales calls, the law is changing what you can and can’t do. Some things you might do today will no longer be allowed.
People now have the right to know what personal information you’re storing about them. And what you might do with that data. The law applies to data which could be traced back to an individual. That even includes things like their computer’s IP address.
You need to explicitly ask permission to send someone email marketing. They must opt in. You cannot assume you have permission, you can't hide it in your privacy policy and you can't have a pre-ticked box which people have to untick.
And you also need to record when they gave you permission and log exactly what they were shown when they opted in.
Finally, remember that people have the right to tell you to stop marketing to them so you must make it easy for them to opt-out of receiving future marketing. And keep your opt-out list current so that you don't keep contacting them once they have opted out - and incur some hefty fines.
If your resort has a database of names, uses email marketing, sends direct mail or makes sales calls, the law is changing what you can and can’t do. Some things you might do today will no longer be allowed.
People now have the right to know what personal information you’re storing about them. And what you might do with that data. The law applies to data which could be traced back to an individual. That even includes things like their computer’s IP address.
You need to explicitly ask permission to send someone email marketing. They must opt in. You cannot assume you have permission, you can't hide it in your privacy policy and you can't have a pre-ticked box which people have to untick.
And you also need to record when they gave you permission and log exactly what they were shown when they opted in.
Finally, remember that people have the right to tell you to stop marketing to them so you must make it easy for them to opt-out of receiving future marketing. And keep your opt-out list current so that you don't keep contacting them once they have opted out - and incur some hefty fines.
While it’s tempting to think “I’ll deal with it in May”, there are some easy things you should do right now, which mean you won’t run into trouble later.
The new GDPR law is complex and extensive. It goes well beyond what we can fit here. However, EVC Marketing and Red Live Media can help you with every aspect of your GDPR planning and implementation to help you start to comply. Contact us now for further information.
- Act Now - May 25 is not that far away so get ahead of the game!
- Do a data audit – Clean your data!
- Seize the opportunity – GDPR offers a superb opportunity to re-connect with past clients, members, bookings, enquiries and members! You can set up a sequence contact campaign – another reason to grab the opportunity and be in touch!
- Privacy statements – Update to a GDPR complaint privacy statement
- Review policy and procedures – Implement internal policies and procedures to demonstrate GDPR compliance!
- Staff training – Create internal awareness BEFORE contacting your database
- Have a GDPR plan
- Common sense – If in doubt use common sense!
The new GDPR law is complex and extensive. It goes well beyond what we can fit here. However, EVC Marketing and Red Live Media can help you with every aspect of your GDPR planning and implementation to help you start to comply. Contact us now for further information.