What is GDPR and Why Should your Customers Care?
There is no escaping GDPR for sales team, it stands for General Data Protection Regulation. GDPR is a data privacy law set out by the European Union (EU) and it became enforceable from the 25th of May 2018. You might think only IT teams and marketing specialists would need to worry about compliance with GDPR but it will certainly have implications for you has technical salesperson. When you’re selling to a business, you interact with individuals and their personal data every day, this means that many of your activities may fall under GDPR scope.
For sales teams, the biggest question is what is considered compliant within for the GDPR. This blog post will provide you with necessary information to help you answer this question. But first you need to understand the history of GDPR.
Background of GDPR
Although this law has emanated from the European Union (EU), it does not matter where your company is based as the GDPR laws have been written to apply to where the customer resides rather than where the business resides. Failure to comply with GDPR can result in hefty fines and the extent of the fine received will depend on how severe the breach is, and what compliance actions you’ve taken as a result of the breach.
Impacts of GDPR will bring about a new level of transparency into data collection, storage and usage
The GDPR aims to safeguard the fundamental rights and freedoms of natural persons, in particular their personal data. The below diagram depicts the GDPR individual rights. Finally, it is important to note that GDPR is a complex topic and will require your customers legal teams to go through the legislation with a fine-toothed comb.
How do I Know if GDPR Applies to My Clients?
The first step in determining what GDPR means to you and your clients and find out does it apply to you and/or your clients. The below diagram is a simple way to determine the applicability of GDPR.
The first element in complying with GDPR is the protection of data, you need to make sure that your clients systems are secure and protected and that you have constant monitoring in place to ensure that any data that you have collected is safe.
The GDPR regulations are targeting the collection, processing, storage, and disclosure of personal data for individuals within the EU with the goals of:
• Improving accountability and transparency of organisations interacting this data
• Controlling the scenarios, duration and security measures in which data may be lawfully interacted with and stored
• Limiting the transfer of personal data our of the EU to only countries and organisations who have also implemented adequate privacy and security measures
• Enshrining the ownership of an individual’s personal data and the rights the individual has their data
Will GDPR Affect Me in My Technical Sales Role?
You might think that GDPR doesn’t apply to you, but for many sales reps, GDPR has represented a big shift in day-to-day selling.
Ask yourself and your customers these questions
• Do you still rely on purchased leads to fill up your sales pipeline?
• Do you automatically add business card contact data to your mailing list?
• Do you ask existing customers for referrals and recommendations?
If they answered yes to any of these questions, then GDPR may impact them and their organisation.
GDPR for Sales
For sales teams, personal data is at the heart of how you prospect for new business and GDPR will change how you collect, store and process it and how long it can be retained for. It is important to only gather data that you need and ensure that you have lawful grounds to process it.
You might want to consider developing a process to generate as little data as possible. Regardless of the GDPR requirements, this will most certainly make your job easier as it will provide you more time to chase down quality leads and less time managing admin.
If you need the data for your contract with the person or for your legitimate interests, you should have no problems – as long as you define and explain your need to the data subject. Otherwise, you must ask for consent.
Don’t underestimate the difficulty of this task. Gathering the proof points, you need for consent is much more complicated than it sounds. Consent must be freely given, specific, informed and unambiguous.
You’ll have to record the consent and you need to be prepared and able to remove the relevant data if your client changes their mind.
Be Open About Your Actions and Prepare for Data Subject Requests
Protecting individual data is the core purpose of the GDPR. As a salesperson, you should make sure your customers are well informed of what you are doing with their data and why you are doing it.
You also need to be prepared for customers exercising their right to have access to the data. You need to make this process possible, and you need to be able to delete this data on request of contact.
GDPR laws are important for all your clients to know and learn. Taking the time to abide by its guidelines will help you and your client’s companies to avoid any liability and potentially hefty fines.