Approaching three months since the General Data Protection Regulation (GDPR) came into force across Europe, the update remains a lingering pain point for the digital marketing industry, with some pretty hefty fines delivered to companies in breach.
Concerns aren’t exactly dampened when there’s no guarantee your own marketing technology vendor isn’t wrestling with compliance themselves and, as found in a new study by Demandbase, more than a few marketers have their doubts over the data handling of third-party vendors.
A whopping 80% of marketers, in fact, are concerned martech vendors will expose them to GDPR legal risks, with the report shedding new light on which aspects of the regulatory switch-up continue to cause marketers grief post-deadline.
“GDPR compliance is particularly important for the B2B industry because no company wants to do business with another company that’s going to be a liability for them,” said Fatima Khan, chief privacy officer at Demandbase.
In light of the results, it’s unsurprising that three-quarters (75 percent) claimed their companies would be investing in more technology of their own to improve their approaches to data privacy.
With the global survey of 225 global marketers taking place a month after GDPR came into effect, thankfully, 77 percent of marketers at least claimed to be aware of the change in regulations – let’s hope the 20 percent that didn’t weren’t based in Europe – but particular challenges remain.
A continuous process
They include, chiefly, a detailed understanding of GDPR and its impact upon individual companies way of working (57 percent), followed by data management issues (44 percent), how to obtain consent from users (40 percent) and technological barriers (37 percent).
One of the most common GDPR issues marketers are facing is the process of obtaining rights to use data through consent. While use of online forms and website notices or banners were cited as commons methods, the majority (80 percent) are using email to acquire marketing permission.
However, when it comes to refreshing consent for email marketing lists themselves, respondents were close to an even split between asking everyone to re-consent (36 percent), taking a limited country-by-country approach (35 percent) and not refreshing consent at all (30 percent).
“Companies have to recognize that the GDPR isn’t a single compliance action, but instead is the start of a continuous process of reevaluating privacy compliance as technologies and data processes evolve,” Khan commented.
Interestingly, the study also revealed that revenue-stagnant companies were nearly twice as likely to report that they are not spending any money relating to GDPR compliance, while those reporting revenue growth were more likely to report spending $50K (£38K) or more on compliance.
Find out more about Digital Marketing World Forum (#DMWF) Europe, London, North America, and Singapore.