The General Data Protection Regulation (GDPR) will mean a few changes for business to business (B2B) organisations if they are to be fully compliant with the new rules by May 2018.
Fortunately, if B2B businesses are already compliant with the Data Protection Act, they should, for the most part, have sussed out how to fall in line with new regulation.
Unsurprisingly, the GDPR affects business to consumer (B2C) organisations to a greater extent than those which are B2B, due to the nature of holding customer data.
However, it is still important for B2B employers and employees to understand and take action where necessary to the following principles.
Opt-out rules for marketing and communications
When emailing or texting employees of corporate companies, you do not need prior consent in order to communicate via these channels. This means marketing communications can be sent out as long as simple and clear opt-out instructions are provided with the message.
It is also imperative that the communications are relevant to the products or services of the business, and that they are relevant to the recipient’s job role.
These rules have been in place for a while and will not change in light of GDPR. It is simply vital that B2B employees, particularly marketers, remember that recipients of their communications have the right to opt out of receiving future messages, and that they are ultimately in control of how their personal data can be used.
In this way, if requested, you must be able to demonstrate to them how their data is stored in an easily accessible electronic format.
Make sure privacy notices are updated
Businesses should update their privacy notices and make them easily accessible. They should state the nature of personal information which is held by the business, how it is sourced, and how it might be used.
It should be written in completely transparent terms, and explain how an individual has a right to complain if they are unhappy with the way in which their information is handled.
Have a procedure in place for data breaches
Although it may be easy to dismiss serious data breaches as an unlikelihood that does not require much consideration, they are a mounting problem for many businesses and should be taken seriously.
In order to prepare for possible infiltration, businesses should assess the types of personal data they hold and plan accordingly. If the rights and freedoms of individuals would be put at risk by a data breach, it is imperative that plans are put in place to report this kind of event to the Information Commissioner’s Office.
Ultimately, keeping in line with new GDPR legislation will not be a struggle for B2B companies that are already fully compliant with best practice when it comes to storage of personal data and sending out communications. What’s more, good business relations are built on a foundation of trust, which can only be garnered if personal data is stored respectfully.
In this way, keeping in line with legislation should help your business to flourish and maintain a good and honest reputation.
Further Reading about GDPR
Econsultancy has a great section on their website - "GDPR for marketers: best practice, tips and case studies" where you can view regularly updated information about how GDPR will affect your business - https://econsultancy.com/hello/gdpr-for-marketers/