I’ve received 17 emails and one letter regarding the GDPR. They have all asked me to confirm my details and permissions. One apologised, rather oddly, for contacting me outside of the ‘normal’ contact methods. Normal here, I think, implies in conformity with the current regulations.
It shows that many companies are treating the GDPR as if it is already live and, as has been said a number of times on these pages, that’s the way to think of it. If you gain email addresses other than in conformity with the GDPR then you’ll have to change permissions by the deadline.
The letter differed somewhat from the emails, presumably because there was no landing page to click through to. It did not ask me to confirm my permissions but asked for me to tick boxes. One was for the company’s email marketing list, which I subscribe to, and another was for an e-newsletter. Not a company to miss an opportunity.
It seems as if many companies are checking systems.
If their history is anything to go by, the ICO is unlikely to opt for prosecutions of small or medium sized businesses for not conforming precisely to the Regulations. As long as a company can show they tried, a warning and directions as to what to do in future are normally seen as enough. Whether this is enlightenment on their behalf or a reflection of their budget is unknown.
However, non-compliance has other implications. Email marketing depends to a great extent on trust and once it is lost, it is very difficult to regain. Further, as has been shown by the Facebook fiasco, the public treat the security of data more seriously than it did even a few years ago. Not only that, a company can be sued and damages can be crippling.
The GDPR affects email marketing now, this instant. If you are dragging your feet and waiting for the go-live date, then what will be your response to a company that says it is unwilling to share data with yours unless you conform?
25 May is a date in the future that influences us now.