The Impact of GDPR on Marketing, PR and Outreach for Startups
by Startacus Admin
The arrival of the European Union’s GDPR replaces existing data protection laws. Here's some thoughts on how it will impact on how marketing and PR is undertaken.
The growth in data protection legislation takes a big step forward this year. The arrival of the European Union’s General Data Protection Regulation (GDPR) updates, replaces existing data protection laws. Its key features are the harmonisation of data privacy laws across Europe, including Britain, whatever happens later with Brexit. The aim is to protect privacy and create a common method for all business, including marketing and PR when the laws take force on the 25th of May.
The GDPR Effect
When GDPR takes effect, it provides everyone with various improved rights to access and understand the use of their data when supplied to business. For marketers and enterprises, the new responsibilities for accountability and governance reflect the current digital-business marketplace, and go some way beyond the current data protection landscape.
For example, any small business can now collect millions of pieces of personally identifying data. And, it may not have the knowledge or staffing to manage them in an appropriate and secure manner. The major change when adopting GDPR is that each business must demonstrate compliance by design, proving that data retention policies and services are fit for purpose.
This applies to both internal data of employees, and external from consumers, customers and prospects. There are many useful resources for marketers concerned about how GDPR will impact their business and operations, including this handy GDPR guide from AppInstitute. As far as marketing departments are concerned, they need to be as on-the-ball as IT and other areas of a company. 
Marketing, Startups and the GDPR
The Data Protection Act expects businesses to only hold the minimum amount of identifying data a company needs. So, for an all-electronic marketing company, an email address would be sufficient. GDPR may also include IP addresses, so goes far beyond this, with large fines, up to 4% of global turnover, for non-compliant companies.
Any marketing and PR company should be aware of their current and future data identifying plans, and ensure that key responsible staff are identified. Any other organisations that information can be shared with should also be identified.
For any new data gathering procedures, ensuring that the right to be forgotten is easily accessible through that mechanism, with all privacy notices 
updated to reflect the new laws.
Startups will be at an advantage, as they can build new IT systems from scratch that meet the demands of the legislation, and companies that have been planning for GDPR will have been careful to migrate data to compatible platforms.
Companies that may struggle include small marketers who are focused on a few clients, and have not considered the data implications of sharing information from or with larger businesses. Some companies will not deal with non-compliant businesses, which has large implications for smaller firms that deal with big business.
All types of companies should ensure the whole company is aware of new privacy information. They should identify what the lawful basis for any data processing activity is, with updated documentation. Procedures need to be in place for handling access requests and consent to store data.
When it comes to data breaches, companies need to report these, which will prevent companies from trying to bury bad news. While a boutique marketing practice might not think it would be a target, automated data theft means anyone can be a victim, so the correct procedures need to be in place to detect data loss or hacking, as well as how to report and investigate a personal data breach.
Any marketing business that focuses on the younger demographic need to be focused on the new rules about parental or guardian consent for any data processing activity, which could complicate sign-ups and sharing of their details.
Finally, every firm will need a data protection officer with responsibility for compliance and information sharing. The complexity increases for those working outside the EU, with details available from the ICO. Also, whenever Brexit does occur, in whatever form, British marketing firms will need to stay on their toes to keep up with any changes. Current government thinking is a rewrite of the rules to make for improved trade deals with the US and others. While that may have longer term benefits, it could cause chaos in the interim.
Subscribe to our newsletter
If you would like to receive our startup themed newsletter, full of the latest startup opportunities, events, news, stories, tips and advice, then sign up here.
New report reveals the huge impact of Archangels' investments on the Scottish economy in terms of both money generated and jobs created.
Tech companies and professional services firms on the island of Ireland set to meet at the first Innovation Island Connect Networking Event at the upcoming SaaStock Conference in Dublin.
Toqio secures major investment to support further expansion and drive its vision of becoming the world's premier fintech SaaS platform.
Innovate UK KTN’s Sustainable Impact Investment Programme chooses 13 sustainable UK startups striving to change the world
.jpg)
Etihad Airways partners with Aerospace Xelerated and Tawazun Economic Council to seek applications from innovative startups that are working in the digital services and solutions area.
.jpg)
New cross-border collaboration project featuring interactive portal and series of networking events to be delivered by TechIreland and Startacus, with support from InterTradeIreland’s Synergy initiative.
In London later this week and interested in learning how AI can help startups scale? Book your ticket now for this free event from Women in AI featuring a panel of industry experts discussing just that.
The latest Funding Review from TechIreland reveals that Irish Startups raised €746M in the first-half 2022 but early-stage rounds have dropped to a five-year low.
The lowdown on Jiminny and its AI-driven system that transcribes and analyses sales conversations with customers and then provides tailored coaching to sales teams.
London-based SaaS startup Evorra has created a data marketplace enabling brands and agencies to build and scale their marketing audiences.
Published on: 20th February 2018
If you would like to enable commenting via your Startacus account, please enable Disqus functionality in your Account Settings.
- Archangels generates up to £1.4bn for Scottish economy 30th Sep 2022 New report reveals the huge impact of Archangels' investments on the Scottish economy in terms of both money generated and jobs created.
- TechIreland & Startacus to host the first Cross-Border B2B Networking Event at SaaStock Conference 30th Sep 2022 Tech companies and professional services firms on the island of Ireland set to meet at the first Innovation Island Connect Networking Event at the upcoming SaaStock Conference in Dublin.
- TOQIO Secures €20M to be the Platform of Choice for Building New Fintech Solutions 29th Sep 2022 Toqio secures major investment to support further expansion and drive its vision of becoming the world's premier fintech SaaS platform.
- Innovate UK KTN launches its 2022 sustainable impact accelerator programme 28th Sep 2022 Innovate UK KTN’s Sustainable Impact Investment Programme chooses 13 sustainable UK startups striving to change the world
