Selligent Marketing Cloud experts April Mullen and Steven Dimirsky recently hosted a webinar on maintaining email communications through GDPR and CCPA compliance. April is an expert at helping our brand clients increase engagement and maintain marketing. Steven is our Senior Counsel and a whiz of a resource when it comes to all the new data privacy regulations. Together, they offered a marketer's understanding of the new regulations, with practical tips to help you to sustain your marketing and communications. Here, April shares a few of those tips and best practices. We encourage you to listen to the full webinar for a deeper dive – just use the link at the end of this post to download it for free.
EU: Charting the Course for Privacy Today
The EU is already leading the way for setting privacy standards and was quick to respond to the post-digital age with the passage of the General Data Protection Regulation (GDPR) in 2018. The GDPR, which regulates data protection and privacy for all individual citizens of the EU and the European Economic Area, is having a massive effect on data privacy standards across the globe as it also addresses the transfer of personal data outside the EU and EEA areas. Most brands and marketers doing business in the region are already well-acquainted with this legislation, having prepared before the deadline last year.
The American Response
To date, the United States has limited individual privacy protections. As it stands, data privacy is still a patchwork of regulations that are typically industry/vertical specific, and don’t broadly protect consumers from information exposure.
Moreover, unlike the GDPR in the EU, there is yet to be a single entity to govern and safeguard information privacy. But with the Cambridge Analytica and Facebook scandal during the 2016 election, along with the enactment of GDPR in Europe, Americans are becoming more concerned about privacy and increasingly voicing their desire for federal and local protections. According to some recent statistics:
- 85% of Americans are concerned about their privacy
- 66% accept certain risks
- 75% would stop doing business with a company that was irresponsible with their privacy
There are a lot of state and federal laws coming that could affect how privacy compliance is enforced, most notably the California Consumer Privacy Act (CCPA): a bill that goes into effect January 1, 2020, to enhance privacy rights and consumer protection for residents of California, so it’s critical for marketers to understand it. Privacy in the U.S. is an evolving landscape, and other state laws will no doubt be modeled after CCPA. So it’s critical for marketers to be aware of the regulations, variances, and changes, to ensure compliance.
GDPR & CCPA: A Comparison
For a more in-depth look at the similarities and differences between the EU and California regulations, and the specific rights of consumers and data subjects under each, I encourage you to listen to our webinar. What’s important to note is that both laws are extraterritorial, meaning that they are valid outside of the country’s or state’s territory. So if you do business in any of these countries, or in California, you need to comply with the regulations.
Data Privacy Regulations & Email Marketing
So what should you, as an email marketer, do to prepare for CCPA? In our webinar, we share some good examples of what leading brands are doing regarding privacy, as well as tips on what you should do to prepare. Here are a few email best practices and key considerations for marketers regarding data, to turn privacy to your advantage:
- Be approachable when you ask for data
- Offer valuable or meaningful incentives in exchange for customers’ data
- Make it easy for your customers to consent & to change their preferences at any time
- Reconsider your use of third-party data, since CCPA gives consumers the ability to request source of data
- Reevaluate data fields on your forms & profile pages
- Only collect data you have a clear, near-term use for
- Have processes and mechanisms in place to delete consumer data
- If you are selling consumer data, understand how the law affects your business
How We Can Help
At Selligent, we strive for the highest standards in personal data privacy and security. We are certified in ISO 27001 and ISO 27018 in both Europe and the United States, and we partner with our clients to store their data in accordance with their needs and the regulations they are subject to. Our platform is extremely flexible, offering data security options, forms, a self-service database structure, and easy connection to CRM systems. And we built our new Consumer Information Management Tool to help our clients respond to their consumer data requests under GDPR and CCPA requirements.
We want to do whatever we can to help ensure our clients are prepared for CCPA, as well as compliant with GDPR and any other current and future regulations that are enacted. Please contact us if you have any questions about data privacy regulations and preparedness. Our Selligent team includes experts in data privacy, marketing, and maintaining email communications, and we’re ready to help you.