Things are about to change in the world of data protection and it will affect everyone in the property industry, and broadly speaking, everybody in business. The General Data Protection Regulation (GDPR) is the result of four years of work by the EU to bring data protection legislation into line with new, previously unforeseen ways that data is now used.
The new legislation will have a dramatic impact on businesses and the way they hold customer information, and it will not just affect those who collect data, but those who process it too. Any business that collects data needs to ensure that explicit consent has been given and that all relevant information is communicated in plain, no nonsense terms.
How does it differ from the UK Data Protection Act?
It supersedes the UK Data Protection Act 1998 and provides more comprehensive and far-reaching criteria for businesses to adhere too. It’s designed to strengthen data protection for individuals within the European Union, giving people more control over their personal data and arming them with the ‘right to be forgotten’.
What about non-compliance?
It becomes legally enforceable from 25th May 2018 – with tougher fines for non-compliance and data breaches predicted. The GDPR will, among other things, give the ICO the power to impose significant fines of up to €20m, or 4% of annual global turnover. It comes into force regardless of the UK’s decision to leave the EU and post Brexit, it’s likely that the UK Government’s Data Protection Bill which mirrors GDPR will essentially do exactly the same thing.
GDPR is a golden opportunity for marketers
Sure, GDPR does sound intimidating and the fines issued by the ICO are enough to make some rethink their entire marketing strategy. But, in reality, this new legislation is a great opportunity for businesses to build targeted, timely and more appropriate marketing campaigns with a GDPR-compliant database of fully engaged customers who are more likely to respond, thus boosting ROI.
How does it affect property marketing?
Often considered the start of the sales process, an individual that willingly gives you their email address in exchange for more information, such as signing up to your mailing list or registering on your website, is known as an ‘opt in’. Ensuring users opt-in to your email marketing campaigns and give consent to be contacted will be a requirement, rather than automatically adding them to your email list and then waiting for them to opt out. While this is best practice today, it will be an EU law in 2018.
Both new and existing customers will need to give their consent to you in order for you to hold and use their data, which may mean running resubscription campaigns for your existing customer databases.
Similarly, any information on individuals collected by sales suites must be handled in the same fashion; explicit consent must be received and it must be clearly outlined in policies how the data will be used. As such, Pixel Selectors are being adjusted to comply and therefore all data collected through these systems will be fully compliant.
But wait, there’s more
GDPR isn’t the only new legislation businesses need to be aware of; the proposed new ePrivacy Regulation aims to be an update of the EU ePrivacy Directive of 2002. It addresses EU-wide limits on the use of electronic communications and in particular, the areas of unsolicited marketing, cookies and confidentiality are covered in a more specific context. The proposed regulation aims to fall in line with the GDPR and is currently in draft form but expected to also be in force in May this year.
Despite the intimidating complexity of the GDPR, putting individuals back in charge of their personal data can only be a good thing for marketing and property as a whole. It will lead to an increase in data quality and negate the need for the traditional ‘one size fits all’ approach to marketing.
Alongside the emerging PropTech disruptors, the updated legislation is also indicative of the overall sea change that is occurring in the digital side of the property sector and reinforces the need for those in the sector to ‘do more digitally’.
Note that this article represents the views of the author solely and is not intended to constitute legal advice.