Whether you have Big or little data – do you have the right to use it?
Direct marketeers need to be aware that people are increasingly concerned about the data businesses hold about them, why they have it and how it might be used. This concern is illustrated perfectly by problems experienced by financial services group Klarna - https://www.bbc.co.uk/news/business-54521820.
I can’t help wondering if this is a small flavour of why I see as likely to become a bigger issue as people move to protect their data; especially if it is used by businesses with which they have no apparent connection.
Sadly, I remain disappointed and frankly amazed by the way in which organisations appear to flout or mis-understand the General Data Protection Regulations (GDPR) that govern data usage.
Having been spam emailed by a business recently, I complained and the sender misguidedly replied; ‘consent to send email is not required for UK B2B marketing Communications.’ Not true, to quote the ICO; 'GDPR applies wherever you are processing ‘personal data’. This means if you can identify an individual either directly or indirectly, the GDPR will apply - even if they are acting in a professional capacity. So, for example, if you have the name and number of a business contact on file, or their email address identifies them (eg [email protected]), the GDPR will apply.'
The business then cited legitimate interest as the reason for bombarding me. I’ve no idea why they thought I needed a warehouse building!
The risks of reputational damage from the use of personal data in B2B and B2C marketing, especially prospect marketing has to be on the increase as people become more conscious of identity fraud and as they seek to control their data.
Relying on ‘legitimate purposes’ for B2B email prospecting, using bought-in databases/list rental and relying upon 3rd party commercial email verification services all come under ‘unacceptable risk’ for me, as does the use of data ‘farming’ when people are almost forced to surrender their data without transparency on its use. As an example, a well-known car and bicycle retailer no longer provides receipts and insists on an email address as the only way they can send it.
The result of this digital receipt approach, from my experience; I was immediately added to their direct marketing without opting in. GDPR dictates that if a business plans on using a customer’s email for anything other than that receipt they must tell them at the checkout so that they choose to opt-in to receive marketing or not.
Reputation is everything in business, abusing people’s data as a low-cost marketing tool places that at risk.