The market for business mailing data and email marketing lists changed after May 2018. Marketing departments stepped back from buying cold email and mailing data for fear of tripping up over the new GDPR regulation.
But social media, blogs and vlogs do not pull in direct sales in quite the same way as email marketing. Marketing teams selling in to businesses are getting to know GDPR and looking beyond the scary headlines of last summer to discover that for b2b marketing, GDPR does not mean the end of great email marketing campaigns.
But there is a check list of key changes to run through before you hit send on an email marketing campaign to cold prospects.
1. As before, your business marketing email must contain an unsubscribe mechanism and if a prospect requests to be removed from your list, you must not email them again. Simply keep a file of the unsubscribed email addresses.
2. Emailing a bought in or cold email list means that you cannot contact sales prospects on the basis of consent for collecting and processing data: instead you must rely on the basis of legitimate interests. The Information Commissioner's Office has issued guidelines which confirm that business-to-business direct marketing can be a legitimate interest. But a company must carry out a Legitimate Interests Assessment, make the Assessment available ie put it on your website and best practice dictates that you put a link to your assessment on your business marketing email. Or put a link to your company's Privacy Policy which contains a link to your LIA: this is termed a 'layered approach' by the ICO. The layered approach means that you are not putting too many links into your marketing email and attracting the unwanted attention of email filters and blockers.
3. Your sales prospects have a Right To Be Informed that you hold their name on your mailing list. This can be incorporated into your statement at the end of your email which links to your Legitimate Interests Assessment or Privacy Policy. Electric Marketing's sign off is currently
“As a GDPR compliant company, we would like to explain why you have received this email. We believe that you have a need for business marketing data within your business. We have identified your email address as being an appropriate point of contact within your organisation. This represents legitimate interest in line with the ICO’s guidance. Our Privacy Notice is available here”
And finally, if your company is still worried by those scary headlines that we all read earlier this year about career-ending fines for non-compliance with GDPR, read the Information Commissioner's blog where she states that issuing fines has been and always will be a last resort. If you slip up and are found to be non-compliant, the ICO will advise you of the changes that you need to make, maybe they will take enforcement action to commit your organisation to comply with GDPR. The ICO has the serial and wilful abusers of data protection in its sights. Companies which can show that they have made efforts to comply with GDPR are unlikely to be hit with financial penalties.