But what is GDPR and how will it impact your business here in New Zealand?
GDPR stands for ‘General Data Protection Regulation’. It’s a new European law to do with the management of how businesses process and handle data, and it takes effect on May 25th 2018.
There are six key principles of GDPR that pertain to the collection of customer data through your website or email marketing:
You must explain to your customers how their data will be used
Only use data for the purposes specified at the time of its collection
Only collect data that is necessary for the purpose you specify
Make sure any and all data is accurate
Only store data for as long as necessary for the intended purpose
Actively protect the loss or theft of data in a proactive way
Note: You will need to be able to show that you are in compliance with these regulations on demand and how you comply.
The GDPR applies to any individual or business who does business with people in Europe.
This does not require an exchange of money.
For example, if you are a tourism business in New Zealand but store the contact details of a European customer, you must comply.
If you have an email list and any of your subscribers are in Europe, you must comply.
This specifically applies to any business whether inside or outside of the EU who markets services or products to EU citizens.
This basically means GDPR applies to any business.
All data that you are using or planning to use for marketing will now need consent from the customer.
You will need keep track of when this consent was given and know that this consent will expire.
Consent must be regularly updated. This can be achieved by sending out an email to your subscribers, confirming that they still want to be part of your mailing list.
Customers have now have to to ‘opt-in’ to a mailing list.
How does this differ from current practices?
Currently a many email subscriber forms have the ‘opt-in’ box prefilled and a customer can untick if they do not want to receive regular emails or promotions. For the new laws, this box must remain unticked. To opt-in, this box must be checked by the subscriber.
So, moving forward, to be compliant, you will need to keep records of your updated customer list, noting how they opted in and when.
Remember: You may be required to prove you have done this on-demand.
It may seem daunting to suddenly be subjected to these regulations, particularly considering that the EU is on the other side of the world, but ultimately, these regulations are for the greater good and provide a real opportunity to demonstrate goodwill and build a whole new level of trust with your subscribers.
The fact that the law has not yet reached NZ shows your subscribers that you genuinely care about their privacy and are taking active steps to protect their data.
Additionally, when these regulations are inevitably written for Australia and NZ, you’ll already be ahead of it.
Disclaimer: This post is for information purposes only and should not be used as a guide, or legal advice, pertaining to the GDPR and becoming compliant. Rather it provides background information on what the GDPR is and how it may affect you. Please seek legal advice if needed.
Storytelling is more than a marketing tactic—it’s a way to build genuine connections and create…
Gamification is more than just a marketing trend; it's a powerful tool for boosting customer…
With billions of emails sent daily, standing out in the crowded inbox is tough. To…
User-generated content (UGC) is a powerful tool for businesses seeking to connect with their audiences…
A recent incident involving a restaurant owner threatening legal action against a customer for leaving…
Google Ads offer superior targeting, detailed analytics, flexibility, and higher audience engagement compared to traditional…