How Pinpointe Is Preparing for GDPR
A new data privacy law set to roll out in May will change the way businesses collect and store customer information.
The General Data Protection Regulation (GDPR) is the biggest data protection law we've seen in more than two decades. It gives consumers more power over their personal data and means companies have to make some big changes to comply with the new regulations.
Does GDPR affect everyone?
Odds are, if you collect email addresses online, you have European subscribers. That means you'll have to comply.
While the regulations are only applicable to EU citizens, many companies are updating their entire email marketing process to comply with these new standards. Why is that? Most experts think this regulation is just the beginning of a widespread need to tighten data security everywhere.
For that reason, many companies are updating their entire email marketing strategy and bringing every contact – whether they're EU citizens or not – into GDPR compliance.
Pinpointe's commitment to GDPR compliance
At Pinpointe, we're taking steps to help our customers comply with the new rules.
We have always strived to meet or exceed the industry's toughest privacy regulations, and GDPR is no different. Here's how Pinpointe is preparing for the new privacy law:
From its inception, Pinpointe recognized the responsibility that comes with data collection. We designed Pinpointe to help businesses better understand their customers and promote their products via email, but doing so requires collecting personal information like names and email addresses.
We understand the gravity of data collection and have remained diligent in our security efforts to ensure information is safeguarded.
When GDPR was introduced in 2016, Pinpointe set two goals: to make sure our practices were GDPR compliant and to give customers tools to help them become compliant as well.
Here's what we've been working on:
- Audit our personal data collection and storage process
- Strengthen data collection protocols
- Update privacy documents
- Appoint a data protection officer
- Provide customers with opt-in records that show time-stamped consent
- Educate customers about the new law
Pinpointe tools that can help with GDPR compliance
If you're a Pinpointe user, you're in luck. We've already taken steps to help you comply with Europe's new data privacy law.
Inside our advanced email platform, you'll find several tools that can aid in GDPR compliance:
Under GDPR, subscribers have to give their consent before you can email them. Most brands have an opt-in process that asks subscribers for consent, but there's a little more to it now.
Before collecting a person's information, you have to tell subscribers how you'll use their information and what steps can be taken to withdraw consent.
Specifically, you have to tell subscribers:
- Who and where your company is
- Why you want their information and how you will use it
- Whether or not data is shared with anyone else like vendors or third parties
- How long data is kept
- How to opt out of your list and how personal data is erased from that point
- How they can report any suspected problems with data security
Any time you collect customer information, you have to be explicit in how you'll use the customer's information. This means you'll have to update the language on your opt-in pages to provide all of this information.
Keeping better records
Companies need to update their record keeping procedures under GDPR too. You basically need records that show your compliance with the new regulation. That way, if a subscriber reports your company for violating the GDPR, you have proof to show otherwise.
One of the records you'll need to keep is proof of consent. Pinpointe users can access this information from their account. We keep opt-in records that provide a time and date stamp that reflects when a subscriber joined your list.
Here's an example of the file you can save for your records:
Make opting out easy (and be prepared to remove data too)
GDPR gives subscribers the power not only to opt out of an email list, but also to have their data removed from servers. It's aptly referred to as "the right to be forgotten," and gives customers the power to grant and remove their personal information with ease.
Pinpointe has access to these features to help:
- Unsubscribe footer
An unsubscribe footer is automatically added to every email. If a subscriber wants to opt out, Pinpointe removes their name from your list for you.
Here's a simple, two-word unsubscribe option that's added to the bottom of this email.
- Access master unsubscribe list
You can view your unsubscribe list at any time to see a running list of contacts that opted out. You can use it as a checklist to wipe customer information from your server if the customer wants to be forgotten.
- Delete contacts
If a customer contacts you via email or calls your customer support line asking to be removed from your email list, you can go into your Pinpointe account and delete contacts manually by managing your database.
Your subscribers also have the right to have their information updated. If a customer reaches out and wants to make these revisions, you have to comply.
In truth, updating your records is beneficial to the subscriber and to your company. With up-to-date information, you can send relevant emails that the customer actually wants.
Pinpointe customers can simply search their database of contacts, locate the subscriber, and edit their information. You'll find a form full of fields that you can update.
Breaking the rules is costly
GDPR isn't a suggestion or directive; it's a regulation. It has binding legal force, which is a fancy way of saying that if you break the rules, you'll land in legal trouble. To make sure companies take the new regulation seriously, there are strict penalties in place for those who don't comply.
The maximum fine your company can face for violating the rules is 4% of your global annual turnover or $24 million, whichever is higher.
It's a steep penalty meant to show companies how serious the regulation is.
GDPR marks a dramatic shift in data collection, storage and usage. At Pinpointe, we're making every effort to help our customers comply with these new rules and will keep you updated on future changes that are applicable to GDPR compliance.
To learn more about GDPR and the additional changes you should make to your email marketing strategy, check out our recent post, "GDPR and Email Marketing: How Will Europe's New Privacy Laws Affect Your Email Marketing?"