Two years on after the General Data Protection Regulation (GDPR) was launched, there is still a lot of uncertainty over what sales teams can and can’t do under the regulations. Some companies have even stopped contacting prospects by email, as they are worried that they will receive a hefty fine for doing so (some companies have had to pay up to £400,000 for data breaches).
Here at Funnel Boost, we want to dispel a few myths around GDPR and let you know that you still have the green light to send emails to prospective customers, with a few caveats of course.
Make sure any prospecting you do is targeted, and you don’t collect data you don’t need
Under GDPR, any data you collect should be adequate and relevant. This means that if you are gathering data for a prospecting campaign, you only collect what you need. Don’t ask for data if you don’t plan on using it. For example, only take a phone number if you plan to call your prospect… and do you really need to know their date of birth?
Only collect leads that are relevant to your business and the product and service you sell. The golden question to ask is ‘if I contact this prospect, would they be surprised to hear from me?’
If the answer is yes, you shouldn’t contact them. For example, if you specialise in providing accounting services to large businesses, then SME organisations aren’t relevant to you.
Use legitimate interest correctly and legally
When sending a prospective email, you should explain why you are contacting the prospect, why what you are offering is relevant to them and how you have processed their data.
This is known as ‘Legitimate interest‘ and is one of the six lawful bases of processing data under GDPR. It means that you think that the benefit of your product or service outweighs the prospect’s right to privacy.
Bear in mind that legitimate interest is not an excuse for firing emails off to everyone in your CRM system. You need to follow a process to remain compliant.
Unlike the other five legal bases, legitimate interest can be contested by the company you are prospecting to. It is essential that you are aware of why you think legitimate interest applies, and that you are willing to argue the case if a company you contact disputes it.
So what does this mean to me? It means you need to do your research into the companies you sell to make sure the products or services you supply are relevant to them or will be in the future.
You will want to include a disclaimer in the footer of your email detailing how the recipient’s data has been processed. This should include a statement informing how you have processed their data, why you are processing it and what they can do if they no longer want to be contacted.
Make it easy to opt-out
Even if you have used legitimate interest and done your research, it may be the case that your prospect is not interested at all, and they no longer want to hear from you. If this is the case, you need to make it as easy as possible for your prospect to opt-out.
This can be done in several ways, as long as it is easy for the prospect to do, and that you honour their request promptly. Most companies offer an unsubscribe link in their emails or ask the email recipient to contact the company if they are no longer interested in being contacted.
If someone asks you to remove their data, you must do so and not contact them again. We recommend creating a list of everyone who has asked to be removed and to share this with your team. After all, you don’t want to unsubscribe someone only for another salesperson to contact them again as part of another campaign.
If a mistake happens, or a prospect contacts you asking why you have emailed them, be polite, be informative and keep detailed records so you can show why you are contacting them. For example, you saw their profile on LinkedIn, and you thought that they would be interested in the product or service you supply.
Keep your database clean
The GDPR states that you should not be holding onto old or inaccurate contact information. Clean your CRM database of inactive and unresponsive leads regularly. The benefit of this is not only will you be GDPR compliant, but your sales team will not be wasting time on dead leads.
If you do not have the time or resources to clean your CRM database, we’d be happy to help.
You need to make sure that the CRM system you use is fully compliant with GDPR too.
Let people know what you will do with their data
If you have not done so already, you need to update the privacy policy on your website to detail what you plan to do with their data and where you will store it. If you have servers based in other countries, you need to openly state where.
We hope that this information gives you more insight into what you can and can’t do under GDPR, and shows that you can continue to email prospects with confidence, as long as you follow a few simple guidelines.
