In the A-Z of Marketing – D is for Data
If Content is Queen – as I explained in the last blog in this series (which you can read here) then data is the lifeblood of any business. Data is what you need in order to keep your business running. Without data, you won’t know who your clients are, what they buy from you and when, what issues they are struggling with or when their birthdays are. Data is what allows you to contact your clients and your prospects, in order to keep in touch with them and remind them about what you do and how you can help them. Every business must have a database – some way of storing all the data that you need for promoting your business. Whether you start with a simple spreadsheet, use an online tool or have a custom built database, you must store this data if your business is to survive.
Nothing Has Changed
Business owners have always had to be careful about the data that they collect and store. The Data Protection Act is there to keep people safe. You’re not allowed to sell your mailing list to anyone. You must not give anyone access to your contacts and if anyone asks to see the information that you store on them, you must show them. Simple rules mean that you should never copy all your contacts in an email so that they can see everyone else’s email address and etiquette means that you should not add someone to your mailing list without first asking them. We’ve known about these basic rules in marketing for many years.
But now things are changing. From 25 May 2018 all businesses must comply with the changes that have been made to the General Data Protection Regulations (GDPR). These regulations have been in force for some time – now we all have to comply with them and show what we are doing to comply with them.
So where do you start? In the last few months I’ve read numerous blogs and articles about what needs to be done; I’ve listened to webinars that attempt to simplify the issue. Many of them are just confusing and make it sound more difficult than it really is. It would be very easy to bury your head in the sand and hope that GDPR goes away – or that your business is too small for anyone to check up on. Instead, here’s what I recommend you do, to get to grips with GDPR.
Get to grips with GDPR
- Find someone who really understands the new regulations. There are many people who claim to understand the new regulations, but have they actually read the manual? The ICO (Information Commissioner’s Office) has produced a very long and detailed book that explains it all. So far I’ve only met one person who has taken the time to study this document and it’s very small font. He is Jonathan Lane of SR Consulting. Unless someone has read the book, how can they really explain the changes to you?
- Find out how the changes apply to your particular business. Many of the blogs and articles that I’ve read are not industry specific. Look for information that relates to your business type. If you’re an accountant, an HR consultant or a coach, the new regulations will affect you in different ways.
- Think about your marketing data. Aside from the industry specific data that you store in your business, you will also be keeping marketing data – details about your clients and prospects. You need to get clear on what data you hold and why you’re keeping it. Is it up to date? If there’s someone on your database who you don’t remember ever having met and you’re not sure why they’re there, remove their details. You don’t necessarily have to ask everyone to resubscribe to your mailing list, but if you’ve added anyone without first asking them, then unless you have recorded when and where you met them – to prove that you have a reason for having them on your list – then it’s time to clean up your list.
- Carry out a data audit. In January I spent half a day with SR Consulting so that they could take me through their process for auditing the data in my business. You need some sort of written document that shows that you’ve been through such a process and that shows what sort of data you store and what you do with it. The document needs to explain your reasons for storing the data that you hold. This could be contractual – such as storing client details so that you can complete the work that they pay you to do. It could be for legal reasons, or to comply with regulations that govern your industry. The document should also show what security measures you have in place to protect the data that you store and what action you will take, should a breach in your security occur. Going through this process and producing a document to show that you’ve done it is one of the simplest ways to show that you are doing what you can to comply with GDPR.
I am not an expert in GDPR, but I do know that your business will not survive without data. I also know that if you’re not sure how to comply, you could end up doing things that result in you losing some of the valuable data that you need and are allowed to keep. SR Consulting specialise in working with small businesses and they have been supporting my business for four years now. This is why I asked them to help me with GDPR – that and the fact that Jonathan has actually read the book!
If you’re not sure what to do next about your data, either call me on 01635 578 500 or click here to email me and we can have a chat about it. Or contact Jonathan directly at SR Consulting to talk about carrying out a data audit on your business.