• Cookie Policy (UK)

Certified Salesforce Partner UK - Salesforce Consultants - Salesforce Solutions

Consultants in Salesforce Marketing Cloud CDP Marketing Cloud Account Engagement - Top Certified & Experienced - 5/5 CSAT

Call +44 (0)330 808 3317
Salesforce consultant - marketing consultants, Salesforce partner UK REVIEWS
  • SALESFORCE CONSULTING
    • Pardot Consulting
      • Pardot Services to support your ongoing success
    • Marketing Cloud Consulting
    • CDP Implementation Consultants
    • Sales Cloud Consulting
      • Salesforce Managed Services
    • Salesforce Service Cloud Consulting
    • Salesforce integrators for ISV partners
      • Campaign Monitor for Salesforce
      • Emma for Salesforce
      • The Best Email Marketing Packages for Small Business
    • Salesforce Community Cloud Implementation
  • CLIENT SUCCESS
    • Clients Who Trust Us
    • Testimonials
    • Healthcare Case Study – Patient Communication
    • Salesforce nonprofit case study – LoveYourBrain’s marketing automation platform migration
    • Marketing Cloud Case Study for Church Community
    • Salesforce Marketing Cloud Case Study: Luxury Membership Club
  • ABOUT
    • Our Leadership
    • Our Team
      • Jobs
    • Our 1% Pledge
    • Press
  • BOOK A DISCOVERY CALL
  • CONTACT
    • Contact us by email
    • Call us at +44 (0)330 808 3317
    • Ask us a question
    • Get a Salesforce Demo
    • Marketing Cloud Prep Workshop
  • RESOURCES
    • What is Salesforce
      • What lies ahead: Salesforce Roadmap in 4 min videos
    • Marketing Cloud
      • Salesforce Marketing Cloud Case Study – B2B2C – Great read for Cat lovers
      • Salesforce Marketing Cloud FAQ
    • Salesforce CDP
    • Pardot
      • Pardot Naming Convention Generator
      • Guinness World Records Pardot Case Study
    • Sales Cloud
      • Hospitality Case Study
      • Grow Your Business Successfully with Salesforce CPQ
      • Campaign Monitor for Salesforce
    • Service Cloud
    • Salesforce Communities
    • Strategic Marketing
    • Other Digital Marketing Platforms and Tools
      • SEcockpit for SEO
      • Trendemon for Journey Optimising
      • Hootsuite for Social Mgt
      • WordPress
  • SALESFORCE BLOG
    • Insights for Marketing
    • For Sales & RevOps
    • Small Business Tips
    • Tips & Tools for Service
    • For Salesforce Leadership
    • Our Salesforce Webinars & Events

GDPR: What You Need to Know Today

March 29, 2017 By ASTRID VAN DORST

Hold company information? Engaged in digital marketing? If so, it’s important to prepare now for new EU data protection legislation, GDPR, – effective May 25 2018.  GDPR regulates the processing of personal data about EU individuals. Non-compliance fines can be exorbitant, crippling your company. Clean up your data storage, treatment and marketing automation-practices and other setup, to ensure you’ll be GDPR compliant.

GDPR: Important Overhaul Legislation

GDPR regulates the processing of personal data about EU individuals.

This new comprehensive EU data protection law updates existing laws to better protect personal data in light of fast technological developments, increased globalisation, and more complex international flows of personal data.  The GDPR will replace the existing patchwork of national data protection laws. There will be 1 single set of rules, directly enforceable in each EU member state.

GDPR: Broad Definitions

Beyond exorbitant fines, and applying to all of the EU, another issue that the GDPR definitions are very broad.

  • Processing includes the collection, storage, transfer or use data. It even extends to tracking their online activities. Any company, worldwide, that processes personal data of EU individuals  is within the scope of the law.
  • Personal data covers any information relating to an identified or identifiable individual (called a “data subject”).

Data protection refers to the legal control over access and usage of computer-stored data.

Who is Involved

  1. The Information Commissioner, who enforces Regulations and Compliance.
  2. The Data Controllers.  This is any company or person who collects and keeps data about individual people.  For companies, a nominated person within a company is the actual data controller, called the Data Protection Officer. This is the person who applies to the Commissioner for permission to store and use personal data.
  3. The Data Subjects. This are the individuals who have data stored about them, somewhere, outside of their direct control.

Data Protection Register

Any business, organisation or person who wishes to store personal data from people must apply to register with the Information Commissioner.  This requirement will come into effect in 2018.

There are 6 things to register:

  1. The data controller’s name and address.
  2. A description of the information to be stored.
  3. What they are going to use the information for.
  4. Whether the data controller plans to pass on the information to other people or organisations.
  5. Whether the data controller will transfer the information outside the UK.
  6. Details of how the data controller will keep the information safe and secure.


What is GDPR or DPA and why should you care about it today

.

EU GDPR’s 7 Core Changes

  1. Expanded rights for EU individuals: The GDPR expands the rights of EU individuals: including deletion, restriction, and portability of personal data.
  2. Compliance obligations: The GDPR requires organisations to implement appropriate policies and security protocols, conduct privacy impact assessments, keep detailed records on data activities and enter into written agreements with vendors.
  3. Data breach notification and security: The GDPR requires organisations to report certain data breaches to data protection authorities, and under certain circumstances, to the affected data subjects. The GDPR also places additional security requirements on organisations.
  4. New requirements for profiling and monitoring: The GDPR places additional obligations on organisations engaged in profiling or monitoring behaviour of EU individuals.
  5. Binding Corporate Rules (BCRs): The GDPR officially recognises BCRs (which Salesforce offers for certain of its services) as a means for organisations to legalise transfers of personal data outside the EU.
  6. Enforcement: Under the GDPR, authorities can fine organisations up to the greater of €20 million or 4% of a company’s annual global revenue, based on the seriousness of the breach and damages incurred.
  7. One stop shop: The GDPR provides a central point of enforcement for organisations with operations in multiple EU member states by requiring companies to work with a lead supervisory authority for cross-border data protection issues.

Data Protection Principles

Everyone responsible for using data has to follow strict rules called ‘data protection principles’. They must make sure the information is:

  • used fairly and lawfully.
  • used for limited, specifically stated purposes.
  • used in a way that is adequate, relevant and not excessive.
  • accurate.
  • kept for no longer than is absolutely necessary.
  • handled according to people’s data protection rights.
  • kept safe and secure.
  • not transferred outside the European Economic Area without adequate protection.

Sensitive Information

There is stronger legal protection for more sensitive information, such as:

  • ethnic background.
  • political opinions.
  • religious beliefs.
  • health.
  • sexual health.
  • criminal records.

PECR

You should also be aware of another law: the PECR, the Privacy and Electronic Communications (EC Directive) Regulations 2003, which are derived from European law. They implement European Directive 2002/58/EC, also known as ‘the e-privacy Directive’. These regulations work in tandem with the UK Data Protection Act.

The purpose of PERC is to give people specific privacy rights in relation to electronic communications. PERC specifies rules for:

  • Marketing calls, emails, texts and faxes.
  • Cookies (and similar technologies).
  • Keeping communications services secure.
  • Customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

Who’s in Charge in the UK

The Information Commissioner’s Office or ICO (ico.org.uk) is the UK body that takes enforcement-action against organisations that “persistently ignore their obligations, starting with those that generate the most complaints”.

Next year’s regulation will take things a lot further, but fines are already happening today, with Honda being in the news this month. The company is fined for sending emails to sort out its database in anticipation of the future, more stringent data protection.

Data Protection Breach

This is the issue. The new EU General Data Protection Regulation (GDPR) will into effect on 25 May 2018. When enforced, companies who breach the law could be faced with dramatically higher penalties than ever before:

While previously the highest penalty ever issued was £400K, the new penalties could amount to €20 million or 4% or annual global turnover, whichever is higher. Could your business survive that kind of penalty? Best to be avoid it! With 14 months left to get organised, now is the perfect time to get prepared, and get ready to work with clean (double) opt-in lists only, further protection and adequate processes.

Our Pro-active Role

What do we see as our role in preparing the UK Marketing Automation Industry for Upcoming Data Protection Act – Legislation? Our focus is helping you, pro-actively. CloudAnalysts’ MD Jimson Lee is part of a steering committee for the marketing automation industry in London to help companies be fully prepared and compliance with the upcoming legislations. He is speaking / organising talks on a number of occasions this topic, e.g. at the Salesforce London Marketing Cloud User Group.

Note: We are facilitating consultants, not lawyers, and so you and your companies must seek their own legal counsel to ensure their compliance to the law.

 

Last Updated on May 6, 2021

Filed Under: Marketing Tagged With: Data Protection

Want better
revenue marketing?


Expert UK salesforce consultants
Start today.
Get a FREE consultation with our Salesforce experts.



Follow us

LATEST ARTICLES – Tips & Insights from Salesforce experts

  • Salesforce Pardot for Lead Management: “A Leader” says Gartner
  • What is Marketing Cloud Account Engagement Optimizer
  • How Salesforce Service Cloud and Pardot can refine your marketing strategy
  • 15 Tips for cold email that converts
  • Millennials Marketing – Email is best way to reach ‘m 📣
  • Salesforce Genie 🧞 – what you need to know
  • Email personalisation is the new conversion rate optimisation
  • Salesforce winter 23 release notes best free features
  • What is Salesforce Integration? – An introduction
  • What are the Salesforce Characters? – Meet Genie
  • Use our email delivery best practices – for email hitting inbox
  • New Salesforce trailhead ranking for rangers
  • Using Pardot for events – Howto & Tips
  • Salesforce release notes – schedule Winter 23
  • Contact form spam protection in Pardot – 10+ ways to prevent form spam
  • 5 Tips to get the most out of Dreamforce 2022
  • Pardot Name change to Marketing Cloud Account Engagement
  • Grow Your Business Successfully with Salesforce CPQ
  • Salesforce Marketing Cloud August Release
  • New Pardot Landing Page Builder – Coming Up Next!

TOPICS

Salesforce Marketing Cloud Specialists Consultants UK - CloudAnalysts

Salesforce Consulting Partner
CloudAnalysts Proudly Took the 1 Percent Pledge
CloudAnalysts Proudly Took the 1 Percent Pledge

CloudAnalysts
Ridge Salesforce UK Consulting Partner
0330 808 3317

Experience in serving clients
in the UK and Ireland,
EMEA, US and Canada.

Registered office
1 Rosemont Road
London NW3 6NG
UK

WHAT CLIENTS SAY


star_rate star_rate star_rate star_rate star_rate

"Exceptionally well executed project"
"CloudAnalysts did an excellent job designing and implementing our Salesforce Marketing Cloud solution within 2-3 weeks to swiftly migrate from Oracle Service Cloud ensuring business-continuity." -- CIO


star_rate star_rate star_rate star_rate star_rate

From scoping to delivery, Cloud Analysts were professional, knowledgeable, flexible and accommodating." -- IT Projects Delivery Manager


star_rate star_rate star_rate star_rate star_rate

"Exceptionally talented marketeers"
"Helped me reframe my thinking about how we should be approaching sales and marketing." -- Head of Operations and Franchise Development


Copyright © 2023 CloudAnalysts, owned and operated by Aryta Ltd. | Privacy & Cookie Policy

Manage Cookie Consent
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behaviour or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
View preferences
{title} {title} {title}