Non GDPR compliant agencies are a legal risk

Non GDPR compliant agencies are a legal risk

f you haven’t heard of GDPR, where have you been… I want your life!

For the rest of us it is probably the biggest issue affecting human rights at the moment and definitely the biggest issue to affect marketing since the advent of the internet.

To me, it feels a little bit like human rights vs marketing.

So I recently made the trip in to the heart of the legislation and attended a workshop at the Institute of Direct Marketing, just off Oxford Circus in London. My second workshop in as many months.

Firstly, credit is due to the speaker Duncan Smith – huge knowledge and charisma, a rare combination indeed.

So what did I learn?

  • That I am already well versed in this legislation and Crush is well on the way to being compliant
  • That it is a serious issue. I hadn’t fully made the connection between data protection and human rights before. It is there and that makes GDPR all the more powerful
  • There is more that one piece of legislation in play; PECR and the Charity Commission
  • GDPR profoundly affects every aspect of marketing
  • GDPR affects every aspects of every business, any personal information stored anywhere needs to be considered, including Excel spreadsheets and staff lists
  • You can not use assume consent for b2c marketing, ever
  • Old consent is unlikely to be acceptable
  • Clients CAN NOT use any third parties agencies that are non-compliant, if they do they are immediately liable for any data issues

Crush Design still has some work to do before we are fully GDPR compliant, and the process is not easy. By the end of March we will be fully compliant. I imagine over 50% of agencies will be non-compliant by 28th May which leaves their clients exposed and therefore negligent in the eyes of the new law.

We are also working on a data solution that provides clients with the hugely important ‘verification’ of consent, as well as transparency and control which guarantees compliance to GDPR.

For more information on our GDPR solution please get in touch.