The introduction of the GDPR next May is now a topic on the agenda in many boardrooms across Europe and that includes channel players. Two resellers spoke to us about their own state of readiness for the new legislation and how they were advising their customers.
The GDPR is a huge piece of regulation that will have a significant impact upon business in the UK. Compliance with the regulation is not going to be simple and for many firms the whole process looks daunting. This means there are opportunities for the channel to provide advice and other services to organisations needing help. But how are resellers managing their own progress towards compliance?
Paul Buckle, Head of Customer Data at Nine Group told us that the GDPR and future revision of the Data Protection Act bring with it some additional requirements as well as opportunities in improving the quality, quantity, relevance and benefits we gain from our customer contact data.
“The resulting benefits our customers receive from our management of their data helps to maintain good and relevant business relationships.
Our approach has been to harness the benefits of these changes rather than view these as an additional burden. Nine has revised the internal data protection, security, retention policies, associated processes and the provision of annual data protection training across all staff, to ensure we remain ahead of the GDPR and also to ensure these benefit the organisation and our customers. This is supported by our approach in the ‘intelligent use’ of our data; ensuring that customers receive information about products and opportunities that are relevant to their business.
Our B2B business model allows us to focus on creating platforms and processes that enable of our customer contacts to manage their preferences and, if they wish, to opt out from marketing communications, whilst retaining the type of ‘business as usual’ communications that we need to deliver as part our business relationships and regulatory requirements.”
Andrew Skipsey, Managing Director of Fareham based reseller M12 Solutions, is concerned over some of the detail of the GDPR and where many companies, including his own, may fall foul of the new data protection rules.
“Essentially, we know what we have got to do and my principal concern is to move M12 to a new world where ‘opt-in’ is managed properly and we can show real accountability.”
Skipsey has some concerns however over everyday activities he currently undertakes and how they may be affected by the GDPR.
“We have a telemarketing team and buy in customer data to canvass for sales leads. How will we know for certain these companies and individuals have opted in to being called by us?
Likewise, we have sales people canvassing business estates and enquiring who in a company is responsible for purchasing telephone systems, getting a name and a compliment slip and then calling that person for an appointment when they are back in the office. How will they get an opt-in from that contact?
I can see many resellers like ourselves that still use old-school techniques such as these that will face the same questions.”
In fact, the question I would ask is ‘how do you actually find customers except by advertising in the new GDPR world?’ Can I use LinkedIn for example, to canvass interest in our products with my contacts there?
How are you advising customers?
Paul Buckle says Nine Group has taken expert advice on the issues relating to the GDPR and revised DPA in order to ensure we comply with the GDPR. We have used this advice to prepare and deliver Data Protection webinars and supporting documentation that is sufficiently generic to assist our Partners in becoming aware of the GDPR and its impact on the DPA.
The essence of our support is focused on helping our Partners to understand the GDPR in general, and more importantly, guiding them on where to obtain more information. Our Partners will have differing business models and corresponding data requirements, some of which may require specialist advice.
Back at M12 Solutions Andrew Skipsey is certain that the legal professions – who are already selling ‘GDPR-as-a-Service’ and other consultancy firms, are clearly going to be making a lot of money out of the GDPR.
“We do a lot of work with Hampshire Chamber of Commerce and attend many networking events where we make very useful contacts that frequently lead to new business. At the same time, I receive an awful lot of ‘spam’ from fellow members promoting their own services. I’m not sure I ever opted in for that.
Clearly the GDPR has been designed, authored and issued by mandarins in the EU that have never had to personally conduct business at the coal face and therefore have no idea what they are asking us to do. At the same time, of course I understand and acknowledge the need for privacy of personal data. It’s just that I don’t believe the EU understands the principle of unintentional consequences.”