Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events Digital Marketing Solutions Summit | Forum Events

Posts Tagged :

GDPR

SME GDPR compliance only ‘skin-deep’

72% of UK SMEs report being ‘very aware’ of GDPR and its requirements, but 60% say that the recent changes to data protection have had a ‘slight’ or ‘no’ impact on their business, while 8% do not know.

The figures, from a survey commissioned by Shred-it, have revealed a positive understanding and engagement with the principles of GDPR among SMEs on its first anniversary, but also highlight a possible cosmetic understanding and key areas of concern around the more complex aspects of full compliance.

The independent survey of 1439 SMEs comprised a series of unprompted questions and covered a range of businesses in specific market sectors across the United Kingdom with 85% having 10 to 49 employees.

When asked about GDPR readiness nine in ten rated themselves as a ‘4’ or ‘5’ out of 5; the main actions taken were reviewing policies (45%) and emailing customers for consent (35%). These are considered to be the lighter ‘front end’ aspects of GDPR compliance according to Shred-it’s experts.

The survey data showed that one third (32%) of SMEs reported that GDPR has had a ‘great’ or ‘considerable’ impact on their business. When those businesses that had experienced challenges with GDPR compliance were probed further, they cited data breaches and disclosure requirements as the main challenges, with healthcare (27%) and real estate (25%) the main industries affected with those specific areas. Small proportions also reported issues with subject access requests, again with healthcare (28%) and real estate (15%) being the main industries affected.

Ian Osborne, Vice President UK & Ireland for Shred-it, said: “On the surface it is good news. It is clear that many feel they are already compliant with GDPR having reviewed areas such as ‘consent’ activities and publishing a privacy notice. These typically deal with the ‘front end’ aspects of GDPR. However, while many say they are ready, there is a real question mark over the extent to which the majority of SMEs are prepared to respond to a data breach or how to react to a subject access request, for example. Our survey suggests that there is still a need for a large education exercise to show SMEs what is really involved in GDPR compliance at depth.”

Of the 10% that said they were ‘not quite’ or ‘not at all’ ready, who rated themselves as a ‘1’ to ‘3’ out of 5, 42% (54 businesses) said they have not been dealing with it; when asked what was holding them back, their unprompted reasons were that data protection authorities were ‘only interested in bigger companies’, it was ‘not applicable to us’, it was ‘too complicated’, and they were ‘too busy’. Of the 10%, two in five would only trust someone in-house to help them comply with GDPR – only one in ten would consider external support and only 4% would trust the data protection authority for assistance. The SMEs that would consider external support were unsure what services they needed and when they would intend to look for support.

In the twelve months between 25th May 2018 and 2019 the Information Commissioner’s Office (ICO), the UK’s independent authority set up to uphold information rights in the public interest, has taken 59 enforcement actions.

Osborne added: “Our survey seems to show two clear pictures emerging. One is where the majority of SMEs are genuinely engaged with the process of compliance; within that group there are many who believe they are already compliant but may have missed some key more complex parts of the GDPR. It is the minority in that group who have recognised its greater challenges and are wrestling with its more complex areas. The other is one where some SMEs recognise they are not ready, seem unwilling to address the issue of GDPR compliance and are reluctant to seek support in any form to help them. When the relevant authority’s fines become more common headlines across the UK, we expect that views may change about what compliance really means.”

GUEST BLOG: Fixing the broken sales funnel

Business agility and the ability to respond fast to new sales opportunities has never been more important and a strong, intelligence-led sales model is essential to maximise opportunities. Yet in this post GDPR era, sales models have never been weaker or less efficient. A lack of data confidence is undermining outbound activity, leaving companies reliant on increasingly expensive inbound campaigns that are not delivering.

To fix the broken sales funnel, organisations clearly need to use to fresh, accurate and GDPR compliant data. But that is just the start: successful sales activity is underpinned by a scientific, structured and metrics driven approach that leverages multi-dimensional real-time data, as James Isilay, CEO, Cognism, explains.

Science not Art

Fewer good prospects. Delayed decision making. Ever lengthening sales cycles. A lack of predictability in the sales process. For many companies, the sales funnel is looking less than impressive. Yet while the temptation is to blame new restrictions of data privacy created by GDPR on the other, there is little value in playing the blame game. What companies require is a solution.

Where is the sales funnel broken and how can it be fixed? Understanding the ‘where’ is key – and something that far too many companies fail to address. How many good sales-people have been fired, when the problem was poor data? How much time has been wasted on prioritising the wrong prospects or failing to correctly identify the total addressable market?

A broken sales funnel cannot be repaired just by adding technology, replacing salespeople, or addressing data quality – although these are without doubt essential components of sales success. Without a robust, clearly defined and, critically, measured sales funnel, organisations will struggle to maximise sales opportunities.

Sales is a science, not an art; and companies need to take a far more metrics-led approach to sales models and management. Breaking the sales funnel down into its constituent parts, measuring performance and comparing results at every stage of the funnel to an equivalent industry standard benchmark is an essential step in understanding the current position.

This means not just tracking the number of phone calls made but the number of dials, number of connections and the number of conversations. How many conversations then convert to meetings or product demonstrations; and meetings to opportunities and then closed deals?  And, of course, never overlook quality – it is essential to measure the quality as well as the volume of leads to optimise sales performance.

Breaking down the prospecting activity into this detail is essential to reveal the specific point – or points – of failure; and to create a clear view of what needs to change to turn sales around and transform bottom line performance.

Intelligence Led

There are three core components of a successful sales funnel: people, process and technology.  Getting the right people to undertake specific components of the sales activity is key.  Break the process down into distinct areas and have specific KPIs for each to measure activity levels and outcomes. Allocate well trained and focused individuals to cold outreach, and more experienced individuals to deal closing. This is a far more effective model that will definitely improve performance.

Provide clear benchmarks to set performance expectations – and use them. If an individual’s performance is not hitting the minimum standard, jump in. Determine the problem and address it – whether that is through training or new messaging. Being proactive is essential to ensuring the funnel continues to perform effectively.

High Quality Data

Supporting these people with great data is, of course, fundamental, especially given the GDPR data privacy compliance requirements. Bad data is one of the most frustrating problems for any sales team. From the time wasted calling contacts who have moved on, to targeting companies that recently spoke to a colleague or, even worse, invested in a competitive product, bad and outdated data is a major barrier to sales success.

Combining good, accurate and continually refreshed data with a CRM system is an essential part of the model, ensuring data is up to date and shared across the sales function. With access to a deep, accurate and GDPR compliant customer data resource, the sales team can gain confidence and avoid time wasted in irrelevant outreach. But that is just the start. By adding events to the typical two dimensional company and people data – and ensuring this information is continually refreshed in real-time – companies can completely reconsider the sales funnel. From transforming the understanding of the total addressable market to using purchase triggers and decision making personas to prioritise activity, the use of revenue driven AI can deliver significant bottom line improvements.

From new job titles to funding rounds, even office expansion, there are a number of triggers that can be used to more effectively drive the timing and messaging of outreach campaigns. And, by feeding persona specific responses to different marketing messages back into the CRM system, the process can be continually improved. Essentially, Revenue AI provides a positive feedback loop.

Conclusion

Extending the metrics led marketing model from inbound, where performance and return on investment is continually assessed, to outbound is perhaps a cultural change for experienced sales people. But a sales funnel reliant upon an old school contacts list and perceived market opportunities is all about the ‘art of sales’ – it will never stand up to a competition embracing a science led, metric driven approach.

There is an enormous universe of prospective customers – and salespeople do not know every single company in the market, whatever their perception. New companies appear, others disappear; new funding rounds fuel growth; big wins result in business expansion. Without intelligence and a robust, process driven sales model, a company will never have an accurate handle on the total addressable market or a way to identify and prioritise outreach.

With current global economic uncertainty, opportunities are thinner on the ground and those companies with a broken sales funnel will struggle. In tough times companies need to be able to effectively and efficiently target the best opportunities, at the best time, with the right message. It is the companies with the smartest sales model that will succeed.

Consumers warm to brand data handling post-GDPR

Two in five consumers (41%) say they are more comfortable and confident that brands are handling their data correctly due to the introduction of the General Data Protection Regulation (GDPR).

In addition, fewer people find themselves often questioning how a brand got their data in the first place than a year ago, according to the DMA’s ‘Consumer email tracker 2019’ report.

The research delves into consumers’ perceptions and preferences – when it comes to the channel most (59%) prefer brands to get in touch through email. In 2018, consumers believe they received less email than ever before, estimating this at around 57 per week to their personal inboxes – down from 73 in 2017 – and less than half of these (44%) are from brands.

In addition, consumers estimate they’re signed up to receive email messages from around nine different brands, which has also declined from 12 in 2017. The DMA says the figures are a potential by-product of the new laws and consumers’ belief they have more control over the marketing emails they receive.

Rachel Aldighieri, MD at the DMA, said: “Despite the challenges that the GDPR may have brought to marketers and their organisations, it has clearly had a positive impact on consumers. The fact that so many of the people we surveyed said the new rules have made them more confident about how brands treat their personal data should be seen as a very positive step. This year’s report highlights the power of email to be at the heart of brands’ communication with customers, being the central channel that others can then be built around. However, it’s fundamental that marketers combine convenience and relevance, building relationships based on transparency and trust.”

Phil Draper, Chief Marketing Officer at dotdigital, which helped pull together the data, said: “Creating powerful, two-way relationships with consumers should be at the core of all modern marketing strategies. It’s what consumers want, and what marketers are working to deliver. The fact that brands have reduced the number of emails they’re sending is an indication that brands are focusing more on delivering relevant and interesting content.”

Unsubscribe doesn’t have to mean unsubscribing

The most predominant reason for unsubscribing from a brand’s email programme is receiving too many messages (59%), followed by the information no longer being relevant (43%) and not recognising the brand (43%). Most people (70%) take action via the brand’s website or the button within an email, with 40% expecting to never hear from that brand (via email) again or only receive transactional emails (23%).

However, almost one in five expect to be taken to options where they can change their email preferences (9%) or to some form of survey (7%), offering marketers the opportunity to retain that customer by changing their approach or, at the very least, better understand why they’re leaving.

When offered this opportunity for control, around a third (36%) say they would like to reduce the frequency of emails they receive or specify the products/services they hear about (31%) – two of the key reasons they may have clicked unsubscribe in the first place.

Marcus Gearey, Chair of the DMA Email council’s research hub and Analytics manager, Zeta Global, added: “The management of the inbox is an attempt to maximise utility and minimise disruption. The right message of the right value still wins: too many of the wrong one makes it difficult to get that consumer to change their mind that your brand belongs in their spam folder rather than their inbox.”

IAB responds to EU privacy complaints

The Internet Advertising Bureau (IAB) Europe has responded to complaints filed by campaigners with Data Protection Authorities (DPA) in the UK, Ireland and Poland, which make specific reference to the IAB OpenRTB Protocol and IAB Europe Transparency and Consent Framework (TCF).

The complaints allege that programmatic advertising using real-time auctions are inherently incompatible with EU data protection law. The premise of these challenges is based on communication between IAB Europe and the European Commission, from April 2017.

At the time, these conversations were part of a dialogue around the planned implementation of GDPR and revisions to the ePrivacy Directive.

IAB Europe was asked to provide details of potential challenges that would be faced within the digital advertising ecosystem, to ensure regulations developed were appropriate for use and could be implemented without limitation across the entire value chain.

The limitations identified at that time focused on how notice and choice could be given to consumers regarding the use of their data for targeting purposes. These limitations have since been addressed by the development of the Transparency and Consent Framework and IAB Consent Management Platform (CMP) by IAB Europe.

IAB Europe says it remains engaged with the European Commission and regional DPAs on behalf of members and the broader digital advertising industry, and adds that a similar dialogue has been attempted with the instigators of the complaints.

The IAB statement read: “These claims are not only false but are intentionally damaging to the digital advertising industry and to European digital media that depend on advertising as a revenue stream.

“IAB Europe has consistently tried to outline the counter arguments and correct information, mentioned above, to the claimants. However, they have consistently chosen to ignore the facts, bringing more inaccurate information to support their case. Their errors of omission could therefore be characterised as either misrepresentations or just fabrications.”

Click here to read the full statement from IAB Europe.

Has GDPR made marketers more data conscious?

The introduction of the General Data Protection Regulation (GDPR) in May 2018 has undoubtedly disrupted inbound and digital marketing strategies.

From adding compliance overhead to the soaring cost of inbound campaigns and fear of non-compliance undermining confidence in outbound campaigns, marketers are struggling to meet revenue targets.

But GDPR has also served as a massive wake-up call: marketing teams have, finally, recognised the sheer inadequacy of existing data resources.

James Isilay, CEO, Cognism, welcomes a new generation of revenue focused, data-aware marketers who are confidently combining trusted, compliant data resources with Applied Intelligence to deliver focused, targeted outbound marketing campaigns that result in a significant revenue uplift…

Blessing in Disguise

Marketers have had six months to come to terms with the realities of a post-GDPR world, but as the dust settles it is not the fear of punitive fines that is dominating the agenda but the challenge of achieving ROI given the spiralling costs affecting every stage of the sales and marketing funnel.

From the addition of the Data Protection Officer to the sheer weight of compliance overhead now borne by marketing and the spike in PPC costs, the marketing budget has taken a massive hit. The logistics associated with meeting GDPR requirements for routine data cleansing, ensuring that contacts are registered and that any out of date records are deleted are without doubt a challenge for many companies.

Yet what has really taken many by surprise is the sheer inadequacy of existing sales and marketing databases – and the knock on implication for marketing campaigns. The fact is that approximately one-third of data degrades every year and most sales teams have been using data that is up to 60% out of date: recognising and addressing this fact alone will make GDPR a blessing in disguise for marketing teams.

Data Confidence

This new era of data awareness is, in many ways, long overdue. If companies want to maximise the value of marketing data resources, the number one priority has to be accurate and up to date information. That means ditching the spreadsheets and embracing a CRM platform to achieve better data control; and it means ensuring that any data provider is by default providing GDPR compliant data and can prove strong privacy and compliance credentials. But it also means recognising and addressing the speed with which data degrades: how is the business planning to ensure data is kept up to date, accurate and alive?

It is only when armed with a trusted, accurate, real-time and GDPR compliant data resource that a business can truly begin to transform marketing performance, and hence improve the revenue stream. Combining this trusted data resource with Applied Intelligence (AI) marketing can transform performance – from gaining more insight into customer personas to identifying purchasing triggers, and delivering highly targeted, highly effective outbound campaigns.

Global Compliance

Compliance to data privacy regulations is becoming a fundamental requirement for marketers globally – from Canadian Anti-Spam Legislation (CASL) to the diverse interpretations of GDPR throughout Europe and state-specific demands in the US – and that is great news in raising data awareness and understanding. But no marketing team is rewarded for achieving regulatory compliance: it is driving revenue from those data resources that remains the primary goal. And with the cost of inbound marketing campaigns continuing to spiral, there are very real opportunities for those companies able to combine real-time, compliant data resources with AI to deliver highly targeted, highly effective outbound marketing to drive tangible revenue uplift.

GDPR still causing small business owners problems

GDPR is still causing small business owners problems, with many admitting that they are ‘clueless’ when it comes to the do’s and don’ts of data privacy regulations.

Aon commissioned researchers to poll 1,000 small business owners and found that many have procedures in place which could result in multi-million pound fines through ignorance of the new law, brought in from 25th May 2018.

More than a quarter of those polled allow staff to use their own computers, tablets and phones for work purposes which contravene rules as personal data could be stored unencrypted at home.

One in 10 also revealed they have visitors books in their HQ – where visitors can freely see details of others who have been there previously.

Paper diaries were still used by 26 per cent of businesses – which could contain private information or customer details and be easily misplaced.

And ten per cent said the circulation of printed out sponsorship forms – which often contain names and addresses – is common at their place of work, which is another contravention of GDPR rules.

Chris Mallett, a cyber security specialist at Aon said: “As the results show, many businesses could be in breach of GDPR – most likely without even realising it.

“Visitors books, allowing staff to use their own mobiles for work purposes and even seemingly minor things like distributing sponsorship forms around the office carry risk.

“Yet these sorts of things are commonplace among businesses big and small across the UK.”

TOP 10 MOST COMMON WAYS SMALL BUSINESSES ARE, OR COULD BE BREAKING GDPR RULES:

1. Allowing staff to use their own computers, tablets or phones for work purposes – if personal data isn’t encrypted
2. Staff using papers diaries used for work purposes and containing personal information – major risk of them being misplaced or falling into the wrong hands
3. Using training materials which feature full details of real life case studies
4. Using images which feature customers to promote your business
5. Storing files which potentially contain personal data outside of a defined structure/naming system
6. Using images to promote your business which feature members of staff wearing nametags
7. Holding unencrypted CCTV footage where individuals are recognisable
8. Recording customer calls which capture customer card details
9. Visitors books where visitors can see other people’s information when signing in – such as names, company they work for, their vehicle registration number etc
10. Staff members circulating sponsorship/charity donation sheets

Complaints to the ICO ‘have doubled’ since GDPR came into force

Complaints to the Information Commissioner’s Office (ICO) about potential data breaches have more than doubled since the General Data Protection Regulation (GDPR) came into effect, according to law firm EMW.

There were 6,281 complaints between May 25 2018, when GDPR came into force, and 3 July 2018, a 160% rise from just 2,417 complaints over the same period in 2017.

EMW says that businesses should be concerned about the significant increase in complaints and the size of potential fines that can be levied under the new GDPR.

Under the new regulations the cap on each fine will be raised to £16.5 million (or 4% of worldwide turnover of the entity being fined) – 33 times more than the current maximum £500,000 fine.

Increasing numbers of individuals are making complaints over potential data breaches, including some more disgruntled consumers making several, repeated complaints. Greater media publicity and Government advertising means there is a heightened awareness of individuals’ new data rights under GDPR. There is now a greater public focus on the accountability of businesses of all sizes in handling personal data.

EMW says individuals are most likely to make complaints when their sensitive personal and financial data is at risk. The financial services sector received over 10% of all complaints (660), with businesses in the education and health sectors receiving a combined 1,112 complaints.

James Geary, EMW Principal for Commercial Contracts, said: “A huge increase in complaints is very worrying for many businesses, considering the scale of the fines that can now be imposed. There are some disgruntled consumers prepared to use the full extent of GDPR that will create a significant workload for businesses.”

“We have seen many businesses are currently struggling to manage the burden created by the GDPR, whether or not an incident even needs to be reported. The reality of implementation may have taken many businesses by surprise. For example, emails represent one of the biggest challenges for GDPR compliance as failing to respond promptly to subject access requests or right to be forgotten requests could result in a fine. The more data a business has, the harder it is to respond quickly and in the correct compliant manner.”

37% of UK businesses ‘still not GDPR compliant’

New research shows that over a third of UK business haven’t fallen in line with GDPR, while a similar amount still send marketing emails without consent.

A survey of 1,021 UK workers carried out by MarketingSignals.com, revealed 37% confess they are still not following the General Data Protection Regulation (GDPR).

When asked to elaborate on why the business wasn’t falling in line, 35% said they are still sending marketing emails without the expressed consent.

In addition:

  • 31% say they still have the data of those who haven’t agreed to opt in to having their data stored.
  • 27% say they haven’t secured the data in case of a ransomware attack.
  • 22% say they have a longer process for those choosing to opt out from receiving information.
  • 14% say their firm hides privacy choices from people
  • 17% say they are still unsure as to what the benefits of GDPR are

Gareth Hoyle, managing director at MarketingSignals.com said: “The research shows there are many ways that businesses are admitting to not following the newly enforced GDPR regulations. GDPR is the most fundamental change to ever happen to data privacy, so it is imperative that businesses follow this and complete the process as soon as possible.

“Businesses need to understand that acting responsibly and ethically with customer data is crucial to protect and enhance brand reputation and ensure customer trust. Not only this, but it will enhance the quality of data collected which is a good thing for UK businesses.”

81% of UK marketers feel ready for GDPR, but their employers may not be

GDPR awareness is at its highest level since 2016 and 81% of marketers feel prepared – although 7% say their employers still have no plan in place.

The deadline for Europe’s most significant overhaul of consumer data privacy laws is this coming Friday (May 25th) and the Digital Marketing Association (DMA) has published research that finds UK marketers’ confidence in their GDPR preparations is at an all-time high.

The report, ‘GDPR & You – Chapter 5’, found that 81% of marketers are confident in their understanding and preparedness for GDPR, having steadily grown from 49% since the DMA’s first survey in 2016.

However, one in five (20%) of marketers state that their employers are behind schedule and will not be ready to comply with GDPR by 25 May. Worse still, 7% state that their organisation do not have a plan in place for GDPR.

Although not being enforced until 25 May, the transition period for organisations to become GDPR compliant began two years ago, and the DMA says there is a growing belief that the benefits of the new regulations to consumers outweigh the disadvantages to businesses, with more than half (52%) of marketers believing this to be true.

“It is encouraging to see that GDPR awareness and preparedness is at an all-time high, with marketers increasingly optimistic about the benefits of the new legislation,” said Chris Combemale, CEO of the DMA. “GDPR is a fantastic opportunity for organisations to build consumer trust and highlight to their customers the benefits of sharing their data. Organisations should use it to build a culture within their business of putting the consumer first and improving their experience.”

68% of marketers believe their employer is either on track or ahead of schedule with GDPR compliance.

In response to the findings that one in four marketers’ (27%) believe their organisations are either behind schedule or without a plan, Combemale said: “While the Information Commissioner’s Office (ICO) has stated that they will be pragmatic before handing out penalties, these companies must show evidence that they are doing everything in their power to be ready. Otherwise they won’t just be receiving fines from the ICO; they could lose their customers’ trust and be at risk of security breaches, with the reputational damage posing a real threat to brand and share value.”

Over a quarter of marketers have received no specific training in GDPR

One of the biggest priorities for marketers and their organisations surrounding GDPR and highlighted in the report revolves around staff training – with a spike in the past six months in the percentage of marketers who feel they have received appropriate training for GDPR, up 21% from November 2017 to 54% in the latest survey.

But the DMA says it’s a concern that despite the complexities of GDPR compliance and its impact on how organisations communicate with customers, more than a quarter of marketers polled (27%) have had no specific training to date. 34% felt that more training was needed and approximately 68% believed training will help their organisation comply beyond the deadline.

Find full details on the report on the DMA website, here: https://dma.org.uk/article/gdpr-and-you-chapter-five 

Two thirds of UK firms won’t be GDPR compliant by May 25

New research says UK companies are massively ill-prepared for this week’s General Data Protection Regulation (GDPR) enforcement deadline.

Less than a third (29%) of organisations surveyed by USB drive specialist Apricorn felt confident they would comply, and when questioned further and asked whether there were any areas they might be likely to fail, 81% could think of some area of the new requirements that might cause them to fail when it comes to GDPR compliance.

Fifty per cent of organisations who know that GDPR will apply to them admit that a lack of understanding of the data they collect and process is their number one concern relating to non-compliance.

On top of this, almost four in ten (37%) believe they are most likely to fail because of gaps in employee training, and almost a quarter (23%) say their employees don’t understand the new responsibilities that come with the GDPR.

While one in ten still regard the GDPR as a mere tick box exercise, a substantial proportion do view it as being of some benefit to their organisation – for example 44% agree that the new regulation is a welcome opportunity to overhaul their organisation’s data handling and security processes.

The most commonly taken step so far, for those who say they will be at least somewhat prepared for the GDPR, is to review and update their security policies for mobile working (67%). However, 30% still worry they could fail to comply due to mobile working, and almost a quarter (22%) of respondents are concerned they may fail due to a lack of encryption.

“Data or personally identifiable information (PII) is at the heart of GDPR and mapping and securing it should be every organisation’s number one priority. By now, all employees, from the top down, should have an understanding of the importance of GDPR and the role they play in keeping this data safe,” said Jon Fielding, Managing Director, EMEA Apricorn. “While we know that many organisations have provided some form of employee training, clearly in some cases this hasn’t been effective and organisations should address these gaps urgently.”

  • 1
  • 2