Brace Yourselves for GDPR

Brace Yourselves for GDPR

2 minute read

Jan 25, 2017

What is GDPR?

GDPR stands for General Data Protection Regulation which is new data protection regulations that will be coming into effect from 25th May 2018. GDPR is currently an EU directive but even with an imminent Brexit, the UK government is going to implement these changes after the secession.

So far, not a lot of businesses or individuals understand GDPR and how it will impact how data is collected and processed. The new regulations will introduce increased rights of individuals when it comes to their data and increased fines for businesses or organisations that breach these individual rights. GDPR also has extra-territorial rights in that if the individual data subject resides within the EU, those that collect their data outside of the EU have to apply the new rules.

Article 5 sets out the major principles that all organisations have to comply with:

  • Data must be processed lawfully, transparently and fairly.
  • Personal data must be collected for an intended, limited and explicit purpose.
  • Data collected must be minimal to include what is necessary to the purpose.
  • Data must be up to date and accurate
  • Processing data must have the appropriate level of security.
  • The data controller must be responsible and compliant with these principles.

How will it affect me?

For SMS purposes, if you wish to market to a consumer then you will need to obtain “freely given, specific, informed and unambiguous” consent from your contacts and make sure that they are informed of the nature of the marketing messages. This means that it is not enough just to have a customer’s mobile number and send SMS to them if they have merely filled out a contact request on your website or data collection of that nature.

The customer must explicitly state that they are happy to go ahead with the marketing SMS. This means a “hard opt-in” where they tick a box or use other means and methods to agree to the marketing campaign. Currently, under regulations it is only required to include an opt-out in the messages that are sent, meaning that even if they have not consented explicitly to the marketing it is still compliant to message them. This will not be the case as from 25th May 2018.

It is impossible to judge how this will affect permission rates for organisations, but we can only assume that this will lower them. However, it is not all doom and gloom! The silver lining to this is that the data collected will be directly targeted to those customers that are interested in your product, service or marketing campaign and as such, the ROI from SMS campaigns will be higher than before.

What can I do?

Prepare yourself! Take a look at the way you currently collect data and where you might act differently under new regulations. There are a few methods that you can employ to gain a hard opt-in:

  • Offer something of value – a loyalty scheme offering discounts or updates for your customers may entice a hard opt-in at check-out.
  • Competition – even if this is just something small, a competition is a great way to get people opted-in, just make sure it is very clear that they are signing up to an SMS marketing campaign.
  • Transactional – transactional messages, especially via email, are a great way to request customers opt-in to SMS.
  • Promote your SMS campaign on your website
  • Harness the power of social media to encourage customers to opt-in.

We expect further information regarding GDPR to be released over the coming months but if you have any queries or require any further information please do not hesitate to contact our team on 0800 773 4455 or drop an email to

Do you like this article? Spread the word!