This prior consultation is provided for in Article 36 of the Regulation

In addition to this impact study obligation, the regulation allows companies to comply with it through “ soft law ” principles . Indeed, the regulation offers the possibility to the member states to use mechanisms of labels, code of conduct or certification, to prove their good will. To conclude: generate leads, yes, but it will have to be done in accordance with the regulations. In addition, the principle of accountability is based on trust in states and companies. It remains to be seen who will really play the game … If you enjoyed this article, check Jamaican Email Addresses out our lead regulation article or check out our white paper Legal Aspects of Lead Generation. Do you want to be supported in your process of increasing your leads ? We invite you to contact our teams for more information.

It will be able to rely on the NS-048 standard which says that data can be kept for three years after the end of the commercial relationship. Digital Marketing and GDPR The GDPR will therefore have impacts on your digital marketing strategy. As we have seen previously, it becomes illegal to buy customer contacts and keep them indefinitely. Marketing actions will therefore have to respond to these changes. As far as inbound marketing is concerned, your operation does not change, because a person agrees to fill out a form. With this consent, you can use their personal data, but for a limited time.

If you have purchased databases

You will then have to perform the sorting in several ways: The first will be to remove all addresses that have not obtained consent. The second will be to remove all those that are over three years old and with whom you have not dealt. For the issue of newsletters, deletion is not necessary, it is only for commercial approaches. Delete the phone numbers that have not been approved for your commercial offers. If you do not perform this operation then you will have financial penalties as provided for in the NS-048 standard. In addition, companies must respect the principle of accountability which no longer obliges companies to report data to the CNIL. The principle of accountability removes that.

From now on, companies will have to put in place “appropriate technical and organizational measures” to comply with the regulation by using data protectors Companies will therefore no longer have to make this declaration, as long as they can demonstrate that they have done everything to comply with European regulations in the event of an inspection. The responsibilities of the DPO (Data Protection Officer) All these new standards will generate jobs. As mentioned in the first part, the establishment of a DPO will become mandatory.

Its main role will be to respond to requests from customers

Individuals regarding the protection of their data. He will be the guarantor that his employer complies with the new general data protection regulations. The latter will not only focus on the issue of leads and their personal information. He will have to work with different services such as: Marketing and communication for mailing actions for example Human resources for the personal data of unsuccessful candidates From the general management. Legal resources for those who have one. The DPO must have multiple knowledge since he intervenes on several fields of knowledge.

These fields of knowledge range from marketing to legal, obviously including IT. Versatility will be required for this position since the DPO must have a strong legal culture, particularly focused on new information and communication technologies (NICT). Therefore, it will be mandatory for the companies concerned to call on a DPO before May 25, 2018, the date of entry into force of the regulation . Article 37 of the regulation notifies the following: Any body responsible for processing data designates in any case a data protection officer.

Leave a Reply

Your email address will not be published.