Marketing need-to-knows: does gdpr apply to b2b?
Marketing need-to-knows: Does GDPR apply to B2B?
An overview of GDPR, how it applies to B2B businesses, and how to make sure your marketing is compliant.
GDPR … protecting consumers and confusing marketers since 2018. Falling foul of the rules risks big fines, but does GDPR apply to B2B? Here’s what you need to know.
In this blog:
What is GDPR?
In short, the General Data Protection Regulation (GDPR) regulates the way businesses in Europe protect their data. It replaced the pretty outdated 1995 Data Protection Directive – much needed considering how drastically the internet’s evolved in the last 20+ years (you only have to look at the original Space Jam website from 1996 that’s still live today to see how much things have changed).
It can feel like a pain in the cookies, but breaching GDPR puts you in line for huge fines (up to 4% of your annual turnover or €20 million, whichever is bigger 😱) so it’s essential to do things properly.
GDPR ensures that any personal data is handled properly and kept safe. It’s a jargon-heavy piece of legislation, but the basic principles are simple:
- Get consent from users to process their data
- Explain how you collect data as clearly as possible
- Keep the amount of data you collect to a minimum
- Do whatever you can to prevent data breaches
- Only store user data for as long as necessary
At Sopro, we’re obsessed with data compliance. Whether it’s storing it, sourcing it, or keeping it safe. When we run your outreach campaigns, everything is fully compliant with GDPR, so you can rest easy knowing we’ve got you covered. Here’s how to get your hands on GDPR compliant B2B data.
Does GDPR apply to B2B?
It’s not just direct-to-consumer businesses that are bound by GDPR. It applies to all businesses that operate within Europe or sell to European clients. If you process any form of personal data, you have to follow the regulations. So yes, GDPR applies to B2B.
The regulation itself might not distinguish between the two, but there’s a few differences when it comes to GDPR for B2B and B2C. With B2B, you’re not expected to actively ask for consent when processing data – you can send direct marketing to business contacts if there’s ‘legitimate interest’.
If you’re doing your B2B direct marketing right, you’ll be targeting a specific person within a company that you’ve collected data on, so you’ll need to verify that you can contact them in a compliant way.
When sending cold B2B emails, legitimate interest means you’ve chosen to contact someone because you have a relevant message you think they would appreciate. When working out if your email fits this criteria, ask yourself:
- Is the risk of infringing on this person’s privacy pretty low?
- Would this person expect their data to be used in this way?
If this answer is “yes”, then you’re probably good to go. But legitimate interest is always trumped by consent. If the person you’re contacting has expressly withdrawn consent, there’s not a lot you can do.
We’ve sent over 40 million B2B prospecting emails to date, so we know a thing or two about GDPR. Our experts source every prospect just for your campaign. The perfect audience: scanned, segmented and verified just for you. See how we can help you sell more.
Does GDPR apply to cold calling?
Yes, the GDPR rules apply to cold calling too. If you’re storing a contact’s phone number in a database – as most telemarketers will – then you’ll still need to be able to prove legitimate interest on anyone you contact, and that you required the number legitimately in the first place.
As with any good prospecting strategy, make sure you do your research and have a solid reason for making the call i.e. a genuine solution for your prospect’s challenges. Nailing this down at the start will make sure your cold calling compliance doesn’t fall apart later.
It should go without saying, but stay well clear of any numbers on Do Not Call lists. Because despite being a massive breach of GDPR, has cold calling someone who doesn’t like cold calling ever worked out well for anyone? Check the numbers in your database against what’s called the TPS/CTPS lists in the UK and Europe to make sure you don’t find yourself on the receiving end of a tele-rant.
How to make sure your B2B marketing is GDPR compliant
When it comes to B2B GDPR compliance, don’t just ignore it and hope for the best. Following the rules is sexy, right? So make GDPR part of your digital marketing and sales strategy, and you’ll see rewards in the shape of more receptive prospects, and overall peace of mind.
- Only process as much data as you need to. The more you have, the more there is to justify, and the higher the risk.
- Get legal advice to make sure you’re doing everything by the book.
- Have a jargon-free privacy policy that’s easy for your customers to understand.
- Audit your systems and technology to make sure they’re fit for purpose.
- Manage and maintain a record of who’s given you data consent.
- Stop processing data the moment someone objects or withdraws consent.
Sopro’s outbound marketing service is fully compliant with GDPR. Every contact in our database has been hand-picked and verified while respecting data privacy. And with a dedicated in-house compliance team making sure everything we do is best in class and watertight, that’s what we call prospecting peace of mind. See how it works.