GDPR Compliance: A Quick Overview and Plan

The GDPR is the start of important data privacy changes that will affect companies all over the world and will have a big impact on marketing departments. It has been hailed as the “biggest change in data privacy regulation in 20 years.”

What is the GDPR?

A new regulation that will protect the data of individuals living in the European Union (EU), effectively giving citizens control of their personal data.

Personal data is defined as “any information related to a natural person that can be used to directly or indirectly identify the person. This includes names, photos, email addresses, bank details, posts on social media, medical information, or a computer IP address.”

Who is affected?

Organizations that offer goods and services to, or monitor the data/behavior of EU citizens, regardless of your company’s physical location. US companies that export or manage personal data of European citizens will need to comply.

When is it happening?

Compliance deadline is May 2018 (a specific date was not published, so we are pushing all clients to become compliant ASAP).

What’s the penalty?

You can be fined up to 4% of annual global turnover or a maximum fine of €20 Million (approx. $24M USD as of May 1, 2018)

What’s the long-term impact?

The UK has indicated it will implement an equivalent or alternative policy. Most things like this tend to start in Europe, other countries may follow in the coming years.

What's your action plan?

There’s no ‘service’ to get you compliant – you’ll have to take action yourself.

  1. Understand the law & all the compliancy rules
  2. Form a “GDPR Council” within your company, responsible for creating a roadmap (Legal, IT, Marketing, Sales, Operations). Assign responsibilities for data discovery, removal, and document everything.
  3. Assess all European citizen personal data you have stored in your marketing platforms (CRM, Social Platforms, Email Databases, Paid Media targeting, IP Addresses, etc.) 1 / 2
  4. Partner with your agencies to make sure they are adhering to the guidelines.
  5. Begin thinking about the possibility of this expanding to other countries. Develop your own internal process for adherence. Refer to this helpful checklist from Hubspot.
The Linus Group