<img height="1" width="1" src="https://www.facebook.com/tr?id=312364832566616&amp;ev=PageView &amp;noscript=1">
http://www.goldenspiralmarketing.com Golden Spiral Fri May 10 18:17:14 2019
Read Time: 9 Minutes Inbound Marketing

GDPR for B2B Tech: Sales and Marketing Tips You Need to Know

As we discuss below, consumer privacy and data protection is changing how we do business. These issues have come to the US with the advent of the California Consumer Privacy Act (CCPA). Read our step-by-step article and download our complete checklist for building your strategy, preparing your website, and training your staff.

GSBLOG19107 - 190000 - California Consumer Privacy Act - i.01_Angle Headline

This scenario is far-too-common in a digital world of noise: It’s Monday morning. You’re digging out of your inbox, and you’re on autopilot with your series of familiar senders and subject lines. Scroll. File. Star. Delete. Maybe bulk delete. And then, you see one that isn’t so familiar. It’s a cold email approach from a sales rep. The person, the content, and the company are all completely unfamiliar. You’ve never visited their website or downloaded a single piece of content, yet, they are using your personal information. You feel a mix of violation, frustration, and annoyance as reach to punch “mark as spam” and “delete.” Questions run through your head.

How did that person get my email? Is my name on a list somewhere? Did someone sell or purchase my data without my consent?

Unfortunately, the answer to that last question is “probably.”

Scenarios like this—and the abuse of personal data on a global scale (think Facebook)—brought out the need for the General Data Protection Regulation (GDPR).

In short, the GDPR states that if your organization is located in the EU, and/or stores and processes data of citizens living in the EU, your data and data processes must comply with numerous regulations outlined in the GDPR. The regulations went into full effect on May 28, 2018, and non-compliance is now accompanied by hefty fines.

Now that the GDPR has been in full-effect for a full year, most businesses who needed to comply with the regulations have done so (amidst panic and long workdays, nonetheless). HWB, a team of advisers and accountants in Southampton, Hampshire, England, outlines the impact of GPDR on small-medium enterprises in this detailed article.

But many businesses—specifically B2B tech companies who are located in the U.S., and strictly sell to other businesses in the U.S.—have ridden the bench on the sidelines without changing much of their data policies.

Are you one of those businesses asking, “Okay, now what?” Here's a plan for how to move forward:

Don’t Ignore the GDPR

It’s easy to feel inclined to ignore the GDPR if your tech business isn’t located in Europe or isn't targeting citizens of the EU, but, it’s essential to keep in mind one fact: the GDPR was designed to reflect the digital world we are living in now and to bring the importance of privacy, data, and consent to the forefront. This means that even if right now, your tech business doesn’t need to comply with the GDPR, it is where regulation is moving.

In other words, take the time now (when fines don’t apply) to get your data policies in line so you’re one step ahead.

GDPR & B2B Tech Sales and Marketing

Getting your B2B tech company on a path toward GDPR compliance also means improving your sales and marketing efforts. That annoyance, frustration, and violation you feel when you receive an unsolicited email or see an online ad is the same feeling your prospects feel when it happens to them.

Here’s what you can do now to ensure your data is GDPR-compliant, and you’re improving your sales and marketing efforts.

Update Your Privacy Policy and Notify Subscribers

According to the GDPR, you must let individuals know how their data is being stored and used. This is most commonly done using your business’s privacy policy.

If you haven’t done so already, audit your privacy policy to find gaps and vague content, and update it with precise information on how data is used and stored.

An updated privacy policy is an excellent reason to email all of your subscribers to let them know of your updates, and prove your business is on the cutting-edge of technology and privacy.

Ask Users to Opt-In on Forms

Do you host webinars? Write eBooks and other content offers like white papers? Do you have a “request a demo” form? I’m sure the answer is “yes” to at least one of those.

This means, under the GDPR, your form needs to allow a user to provide opt-in consent before you are allowed to track, retarget or mail those users. This opt-in consent should be added to the bottom of your forms, with a simple checkbox that is un-checked by default for GDPR compliance, like this example from HubSpot:

GS180717 - GDPR - Hubspot Form - GDPRIf you are not required to comply GDPR, but want to take a step forward with consent, you can use an auto-consent, with a clearly defined opt-out option, like GoToWebinar does below:

GS180717 - GDPR - GoToWebinar Form - GDPRWhile it feels like you may be losing out on those previous MQLs, this GDPR regulation is a marketing best practice because who wants to waste time on someone who is generally not interested?

If you use HubSpot, you can easily add this type of “consent checkbox” to any form by editing your GDPR content in your settings.

GS180717 - GDPR - Hubspot consent checkbox

Stop Emailing Your Unengaged Subscribers

Piggy-backing off that last statement, ignoring your non-engaged subscribers is always a good idea. These subscribers may have never officially given consent, and now you’re constantly hitting their inbox with content that no longer interests them.

If you use HubSpot, there is a contact property called “Sends since last engagement,” that allows you to create smart lists based on how many emails someone has received since their last engagement. Ignoring those who have been unengaged for 10+ emails is a solid start:

GS180717 - GDPR - Sends Since Last Engagement

And, you can also automatically opt out these individuals when you go to send an email in HubSpot. Their default is 11 sends since last engagement.


GS180717 - GDPR - Sends Since Last Engagement 2

If, however, you are frustrated about the amount of unengaged contacts in your system and want to keep them on board, we recommend sending an email asking them to engage. This is an excellent example from Animoto:

GS180717 - GDPR - Animoto

Notify Website Visitors of Your Cookie Usage

Internet users around the world are used to seeing banners like this one:

GS180717 - GDPR - Regular Cookies

We normally, blindly hit “accept,” without really thinking about the purpose of these cookies. GDPR aims to change that.

There are two types of website cookies: essential and non-essential. Essential cookies are necessary for providing the information requested by the user. All other cookies — such as analytics, cookies from advertisers or third parties, and other affiliates — are considered non-essential. Previously, being compliant simply meant letting website visitors know that you use cookies.

Now, that’s different. According to the GDPR, because cookies can be used to uniquely identify a person, they should be treated as personal data. This means they must provide consent for their use. The GDPR states that users must have a choice in what cookies are used — which means going beyond the standard “this website uses cookies” safeguard.

Like all other types of consent under the GDPR, providing consent to a website to use cookies needs to be a clear affirmative action — such as clicking a box to say “yes.” These boxes cannot be pre-selected.

While a simple website banner like the one above is perfectly fine for businesses that don’t need to comply with GDPR, an EU-based company has created a consent lifecycle management tool that allows you to create a cookie notification that does, in fact, give website visitors a choice.

GDPR - Custom Cookie Consent

The platform is called Clym, and is available for under $40/month. You can check it out here.

Don’t Do Anything that Violates Someone’s Digital Privacy

Even if you’re not ready to comply with GDPR, the suggestions listed in this blog are meant to get your business on the right track — to simplify compliance long term, while also improving your sales and marketing efforts.

If you’re looking for a general rule of thumb as what you should do, just keep in mind that digital privacy is still...privacy. It’s as simple as this: You’d feel violated if someone shared your information without asking you for consent, first. You’d feel annoyed if you didn’t subscribe to a newsletter, but you got it anyway. And, you’d be frustrated if you received dozens of emails you didn’t find engaging.

Treat your subscribers the way you’d like to be treated, and you’re already one step ahead.

New Call-to-action
Mark Whitlock

Mark Whitlock

Marketing Manager Mark grew up behind a DJ’s mic before entering the world of publishing. He invests his time as Golden Spiral’s loudest cheerleader.