In 2012 a subset of the European Commission came to the conclusion that with the advancement of technology, data protection laws needed a upgrade. When you look at the timeline, the smartphone as we know it today, wasn’t even near existence the last time there was a major change. This has become know as the General Data Protection Regulation.
As someone who has dedicated their career to customer management systems in one form or another, there are two overarching principles that get my attention. The GDPR gives power back to individual to control their data and the GDPR widens the definition of personal data.
To be honest, as a salesforce professional, this scares the living daylights out of me! Though, as a citizen, it is nice to know that there is more stringent protection coming into place. I can’t even imagine how many databases my personal information exists in, from newsletter database to vendors I met at a conference 10 years ago.
Hopefully by now you are beginning to wonder how this effects you as a business. I won’t go into to much detail in this musing but let’s look at the basics.
As a data controller, you must fully understand where personal data exists in your business and how it flows through. Whenever I bring this up, the first question that arises is… “Hold on a sec, clearly this doesn’t mean my CRM data? What about my Leads?” Upon my answering, you could hear a pin drop! All data that can be used to identify an individual is considered personal and you must have the necessary legal bases required in order to use this data. These can be pieces of information such as a name, email address, phone number or even someones IP address. This sole fact is really where the biggest impact lies, before the GDPR it was generally assumed that B2B data was not bound by the same rules as B2C.