changes in eu data protection regulations and the impact on your email marketing

@adestra adestra.com

Changes in EU Data Protection Regulations and the Impact on your Email Marketing


Welcome!

• You can hear us, we can’t hear you• There will be time for questions at the end• Tweet us @adestra• Not legal advice


We have been providing enterprise-level digital marketing technology solutions to organizations around the globe since 2004. Our clients trust our proven email, automation, social, and mobile marketing technology to deliver successful and cutting-edge marketing programs to their valued customers.

We were founded on the principle that marketing success takes more than technology, and that’s why customer service is at the heart of our business. We’re not just Software as a Service, we’re Software AND a Service.

About Adestra



Introducing Adestra

Our obsession is to make our customers successful by delivering the right email-driven technology and awesome customer service.

We bring clarity to complexity.


Hello!

Antony Humphreys M IDMKey Account Manager

@antony_adestra


What we’ll cover

• Current Legislation • A brief history of Data Protection• Where are we now• How we got here

• What is changing• 4 key elements

• Tips to help you get ready

@adestra adestra.com@adestra adestra.com

What the ICO says


Christopher Graham – Information CommissionerOnly Marketing Specifically requested can be regarded as solicited

Don’t’ Panic – new regulations are basically the current directive with added detail plus good practice given statutory recognition.


Christopher Graham – Information CommissionerOnly Marketing Specifically requested can be regarded as solicited

Don’t Panic – new regulations are basically the current directive with added detail plus good practice given statutory recognition.


Current Legislation


A brief history

Data Protection Act 1984 (repealed 1.3.2000)


A brief history


Data Protection Directive 95/46/EC ("Directive") - 1995


What is a Directive

A directive is a legal act of the European Union, which requires member states to achieve a

particular result without dictating the means of achieving that result. Directives normally leave member states with a certain amount of leeway

as to the exact rules to be adopted.


A brief history



Data Protection Act 1998


The Data Protection Act 1998 (DPA) is based around eight principles of ‘good information handling’.Don’t’ Panic – new regulations are basically the current directive with added detail plus good practice given statutory recognition.

@adestra adestra.comadestra.com

8 Principles of Data Protection

Personal data:1. shall be processed fairly and lawfully2. shall be obtained only for specified and

lawful purposes3. shall be adequate, relevant and not

excessive4. shall be accurate5. processed for any purpose or purposes shall

not be kept for longer than is necessary6. shall be processed in accordance with the

rights of data subjects under this Act7. appropriate technical and organisational

measures shall be taken 8. shall not be transferred to a country or

territory outside the European Economic Area

Schedule 1 of the DPA 1998

Source: https://ico.org.uk/for-organisations/guide-to-data-protection/data-protection-principles/


A brief history




Privacy and Electronic Communications Regulations 2003 (PECR)

@adestra adestra.comadestra.com

4 Specific areas for PECR 2003

• marketing calls, emails, texts and faxes• cookies (and similar technologies)• keeping communications services secure and• customer privacy as regards traffic and

location data, itemised billing, line identification, and directory listings


A brief history




Privacy and Electronic Communications Regulations 2003 (PECR)

EU Regulation Data Protection xxxx? (aka General Data Protection Regulations)


What is a Regulation

A regulation is a legal act of the European Union that becomes immediately enforceable

as law in all member states simultaneously


So where are we now?


So where are we now

Source:http://www.insideprivacy.com/international/european-union/the-eu-data-protection-regulation-after-3-years-of-negotiation/


So where are we now

• Negotiations to be completed by the end of 2015

• Final Documentation and approval- possibly Mid – 2016

• There is likely to be a 2 year grace period

• Go-live some time in 2018

Source:http://www.insideprivacy.com/international/european-union/the-eu-data-protection-regulation-after-3-years-of-negotiation/


What could be Changing?


4 Changes that may happen

1. Regulation not Directive2. Explicit Consent

• Opt-in (B2C/B2B) to receive e-comms, to be profiled

3. Legitimate Interest• Marketing of similar processes, postal marketing & B2B• Interest of brand vs consumer

4. Documentation/Proof of Consent• What did Data Subject consent to specifically• How did the Data Subject consent


Tips to get ready


Explicit Consent


Tips | Explicit Consent

“Openness and Honesty is Key”- Julia Porter, Head of Data Protection, Guardian and

- DMA chair on Data Protection



• Brands want Data Subject’s data• Data Subject will give data if they trust the brand• They will trust that brand if they are informed of:

• What is being collected• Why it is being collected/how it will be used• And how they can change or stop collection/processing



Source: http://www.theguardian.com/info/video/2014/sep/08/guardian-privacy-policy


Best Practice | Explicit Consent

We want this because…And we will do this with it…

Preference Centres• Prominent position• Hover-overs to explain why • Only ask for information you

need• Give opportunity to Data

Subjects to update/remove data


Best Practice | Explicit Consent

Register

Confirm

Record

Update

Confirm

RecordDouble Opt-in• Use on all sign-up forms• Record the process

http://www.adestra.com/term-week-double-opt-in/


Documentation


Best Practice | Documentation

• Data Controllers to prove consent• Data Processor keep records of:

• Sign-up• Double opt-in• Changes to preferences


Questions


Thank youFor more information please contact us:

+44 (0)1865 24 24 24 or email [email protected]


changes in eu data protection regulations and the impact on your email marketing

Marketing

adestra page

data protection directive

directive page

data protection act

current directive

eu data protection regulations

brief history page

ec directive