While studying in Ireland last semester, the General Data Protection Regulation (GDPR) was a main focus in my business courses, and my professors emphasized the impact it would have on global marketing. When I returned to the U.S. on May 20, GDPR wasn’t being treated as another cryptic acronym my friends needed to know for school—it was still a key topic in the news regarding U.S. organizations, since it was going into effect in the EU just five days later on May 25.
Summary of GDPR
If you need a refresher, GDPR was implemented to strengthen and unify data protection for individuals within the European Union (EU). It addresses exportation of personal data outside the EU through the differentiation of data processors and data controllers. The data processor obtains, holds, and processes data on behalf of the data controller. Data controllers must comply with the new rules regarding collection and usage of data, while data processors must process the data as instructed, without taking ownership.
For organizations outside the EU, this regulation is tricky due to the universal reach of digital marketing. Some organizations are already compliant with GDPR if they market specifically towards a non-EU audience and do not intend to obtain business or information from users in the EU, but this usually isn’t the case.
Things become more complicated for organizations who market to a combination of EU and non-EU residents. If the GDPR’s scope applies, compliance is mandatory and the consequences aren’t insignificant. Any kind of breach could result in fines of 20 million euros (around 24 million USD) or 4% of annual revenue, whichever is greater.
The Future of GDPR
Even if you’re compliant with GDPR regulations now, brace yourselves for the inevitable spread of privacy policies in the future. This new EU regulation has pushed businesses to develop global privacy sharing practices and has inspired statutory innovation in the United States.
California recently passed the Consumer Privacy Act, which takes effect January 1, 2020, and gives consumers more control over their personal data (much like GDPR). The act defines personal information and grants California residents the right to request details about how their information is disclosed, shared, and sold from covered entities. Under the CPA, California consumers will have the option of preventing tech companies from selling their personal data, and the parents of children under the age of 16 must opt in to allow companies to collect any of their children’s information.
Direct Mail as a GDPR Solution
The solution to your GDPR concerns? Direct mail. According to the GDPR experts at Paragon Group, direct mail is compliant with GDPR because organizations can make a case of legitimate interest for sending marketing mail. Legitimate interest involves balancing the interest of data controllers and data subjects. Direct mail remains an opt-out medium where consent is not required, but legitimate interest may be argued. As these policies become more specific and spread beyond the EU, developing a marketing strategy your business knows won’t infringe on developing regulations would be prudent.
Not only does direct mail have the potential to prevent possible company mishaps, it is also an easy way to keep in touch with consumers. Different profiles, email addresses, and filters that come with digital marketing hinder organizations’ ability to stay connected to customers and prospects, but a verified postal address is a good way to stay connected. Direct mail is also considered more trustworthy and less intrusive than digital communication because it’s tangible, it doesn’t disrupt activities, and it can be viewed at the recipient’s leisure.
Why this Matters Moving Forward
All organizations want their communications to be productive in order to build strong, loyal consumer relationships. Direct mail drives recipients to make online purchases (92% of direct mail recipients are driven to an online or digital activity and 87% are influenced to make an online purchase) and it does something digital platforms are finding increasingly difficult to do: it cultivates consumer trust.
It’s only going to get more difficult to respect your customers’ and prospects’ privacy concerns, maintain compliance with growing consumer privacy regulations, and still reach your target audience. In many ways, GDPR brings out the strengths of direct mail—to remain relevant and fulfill the interests of the consumer.
Subscribe to SpeakingDIRECT to have new articles delivered to your inbox as they post. We promise to keep it fresh and interesting.