A few weeks ago, Unhooked Communications and The PR Cavalry organised and hosted a GDPR event aimed specifically at PRs, marketers and freelancers at Ziferblat, MediaCity.

We were fortunate to secure two brilliant speakers – Steve Kuncewicz, partner at BLM in Manchester who specialises in intellectual property, media, privacy and communications-related issues, and Pete Moore, chief data scientist and founder of Look at your Data Ltd.

So why did we put on an event around GDPR for PR and marketing?

GDPR – General Data Protection Regulation – is coming into force as of 25^th May 2018. There’s been a LOT of noise and confusion about it, but ultimately, it’s to help protect people – you and me – from our data being abused or used in a way that we’ve not permitted.

There are loads of guides out there to what GDPR is exactly (see this one from Wired as one example), but ultimately it will see more emphasis on the data controller and processor to make sure they’re using personal data in a lawful, fair and transparent way. Personal data must be held securely, for a limited time and for a specific purpose.

A lot of the noise around GDPR has been focused on how PRs and marketers are going to adapt their day-to-day activities to make sure they’re GDPR compliant. From media relations to email marketing, there are a number of PR and marketing tools and tactics that rely on using data.

I’d been to a couple of GDPR events which were fairly informative, but felt I wanted a more in-depth explanation about how it would impact PR and marketing. And I wasn’t alone with this.

In a number of online network and support groups, I kept seeing fellow PR and marketing professionals, freelancers and business owners asking questions about GDPR and how it would impact their work.

Turns out Nigel Sarbutts, founder of The PR Cavalry, had thought the same as me, so we joined forces and invited Steve Kuncewicz and Pete Moore to come and talk to an audience of 50 Manchester-based PRs, marketers and freelancers about GDPR.

About our GDPR speakers

Steve Kuncewicz: Steve is a Partner at BLM in Manchester, specialising in intellectual property, media, privacy and communications-related issues and working mainly with the creative, digital, technology and advertising sector with a nationally-recognised niche specialism in issues involving social media.

Steve deals in both contentious and non-contentious matters, ranging from litigation before the High Court to cross-jurisdictional disputes, compliance and complex advisory work, reducing commercial, reputational, regulatory and legal risk. Working across the public and private sector, and with both agencies and those who buy from them, Steve leverages commercial expertise gained during his time in-house and a passion for the sectors he works with for the benefit of his clients.

Pete Moore: Pete is a chief data scientist and founder of Look at your Data Ltd, a data strategy company.  Pete loves data and sees ethical use of data as the key challenge for his industry.

Pete spent 12 years as an IT Director, using data to reshape strategy and drive growth.  He sees GDPR as a huge challenge for data strategy but also an enormous opportunity for those who take it seriously. Pete is a data scientist and not a lawyer.

What we learnt about GDPR, marketing and PR

A LOT! Far too much to fit into a single blog post, but some key takeaway points:

• Consent: It’s key to get consent when capturing and storing data. But no sneaky ‘click here to opt out’ boxes – you need to make sure people are explicitly ‘opting IN’. And they need to understand exactly what they’re opting in for – what are you using their data for and for what length of time? Make sure they know how to opt out easily too.
• If in doubt, throw it out: It’s time to take stock of what data you’re holding. All of those old databases and lists you’re holding onto ‘just in case’ – you know, lists of media contacts for a sector you’ve not worked in for years, lists of business owners you bought from a news outlet once, attendees to that event you hosted 23 years ago – you’re going to need to update them in line with GDPR or delete them. Even if you have some fairly recent databases but you can’t quite remember how you got the contact details or whether they gave explicit content – be prepared to chuck ’em. Yes, you could contact the people on your databases to ask them ‘opt in’ to your PR and marketing activity – but if the recipient doesn’t ‘opt in’ then they’ve not consented and you to need remove them from your database. But be honest with yourself – how useful are these old and non-responsive databases to you anyway?
• Lean lists: OK so by taking stock of what data you have, and removing any non-GDPR compliant data you may suddenly feel like you’ve got nothing. But this is good. If you’re still relying on a scattergun approach to your PR and marketing where you achieve a low conversion rate therefore need to contact as many people as possible – get over it. Bespoke targeting and engaging with relevant audiences is the way to go.
• Legitimate interest: While consent is important, it’s not everything. You need to look into legitimate interest. Check out the ICO’s useful guide around GDPR and legitimate interest here.
• Use trusted third party software and tools: If you think GDPR means the end of your MailChimp email marketing activity, think again. Pete Moore pointed out that MailChimp is a leader in terms of GDPR and marketing. Read about how MailChimp is preparing for GDPR here and how you can prepare here. But if you’re using tools and software to store and manage data, make sure you read their Ts & Cs and make sure you’re happy that they’re doing this in a lawful, transparent and safe way.
• Don’t panic! If you’re fed up of PPI cold calls, as I am, GDPR should be welcome news. And yes, it is a change. But if you’re already complying with data protection rules it shouldn’t be too much of a change. We’re all responsible for making sure we’re using other people’s data safely and properly and ultimately the legislation should help to raise standards for PR and marketing professionals.

Want to know more about preparing for GDPR?

Head to the ICO website for the ultimate lowdown on GDPR, including 12 steps to take now and a data protection assessment toolkit.