The secrets to an RGPD compliant marketing strategy without decreasing your revenue?

by Joe Shara on 7/05/2021

GDPR stands for "General Data Protection Regulation" and designates the latest European directive concerning personal data, published in 2016 and in application since May 2018. It provides for: strengthened obligations to protect data held by companies, mechanisms relating to the expression of consent to collection, and the development of the concept of portability.

Some concrete examples are:

- Pre-checked boxes will no longer be accepted to validate consent.
- The consent of children under 16 years old will no longer be accepted.
- No consent can be of indefinite duration; it is always possible to go back on your decision.
- You can ask a supplier, as well as all its affiliated partners, to erase your data (don't worry, you just have to ask the supplier, who will validate the deletion of your information with its partners).

Here are some new features for your data:

- Transparency: you will now have to be clear about all the data collected.
- Data portability: you could, for example, retrieve your data from Facebook and transfer it to LinkedIn.
- The right to object: the possibility to object to profiling, or to direct marketing purposes.
- Record keeping: it is important to always keep a register of the data and, especially, of what is done with it (yes, more work for the agencies).
- Increased responsibilities for subcontractors, because new security standards must be put in place.

In addition, in case of hacking, you must inform all stakeholders of the data capture, in the following order:

  1. The supervisory authority
  2. The data controller (the person in charge of the processing)
  3. The final consumer

All this will give rise to a role that some people describe as a job of the future: the "Data Privacy Officer", who must be recruited for a minimum of 2 years for any processing of a multitude of data.

How can we be sure that we respect all this?

New certifications, including ISO 27001, are now possible with the release of this new law. Be careful, because the fine can go up to 10 million euros, or 4% of your annual global revenue.

This also applies to non-European companies that collect user data in Europe.

Any security breach must be reported within 72 hours. This applies not only to companies but also to bloggers, small businesses, and entrepreneurs.

You should not be afraid of all this; simply be ethical with your lists. I personally recommend following these few rules every time:

- Highlight the "I agree to receive emails from ...." checkbox.
- Display the text "This site uses cookies for a better experience ....".
- List all the details of the tools used for your analytics data, including the external providers.
- Document all data deletions in your database.

Don't think that a checkbox will decrease your subscription rate. Again, stay ethical and your lists will keep growing.

And last but not least, don't do it just for European users; like us, be GDPR compliant all over the world.

Your subscribers and users around the world want to be treated well.

Of course, check all this with your lawyer.


More information is available on the CNIL website.

Frequently Asked Questions

In case of hacking, you must inform within 72 hours all parties involved in the data capture, in the following order:

  1. The supervisory authority
  2. The data controller
  3. The final consumer

- Transparency
- Data portability
- The right to object
- Keeping a record of data and sharing
- Increasing the responsibility of subcontractors

GDPR (RGPD in French) stands for "General Data Protection Regulation" and refers to the latest European directive regarding personal data, published in 2016 and in force since May 2018. It provides for, among other things: strengthened obligations to protect data held by companies, mechanisms relating to the expression of consent to collection, and the development of the concept of portability.

- Pre-checked boxes will no longer be accepted to validate consent
- The consent of children under 16 years old will no longer be accepted
- No consent can be for an indefinite period, so it is always possible to go back on your decision
- The possibility to ask for the deletion of your data from a supplier as well as all its affiliated partners


