How to Audit your Prospect Database to Ensure GDPR Compliance

 

GDPR doesn’t have to be a dark cloud looming overhead.  With so many ways to capture a prospects’ attention, lines can blur on what does and does not fit within GDPR regulations. However, it’s important to get the basics – starting with how to audit your prospect database to ensure compliance with the GDPR. We covered this question in our webinar with SiriusDecisions, Demand Generation in the Age of GDPR and Data Privacy. While this summary covers high-level guidelines, it’s important to consult a GDPR expert for details of compliance.

Here are some easy guidelines to follow: 

Following the SiriusDecisions GDPR compliance framework, there are five steps to think through the process.  It’s important to know there are a number of vendors that actually provide tools to help that will help you audit the different places where you store data, and an audit will help you understand and chart both the locations and actual types of personal data that you stored.

  1. Assess all ports of entry – Where does the data come into your business? Social? Events? Contact Us forms?  What kind of data is this?
  2. Assess all locations where data is stored – Account for all personal data and ensure it is securely kept and deleted as required.
  3. Assess all the ways you are using that data. – Are you using it for marketing purposes?  Are you using it in analytics to create or maintain persona profiles?
  4. Assess data maintenance processes What are you doing to maintain the data you stored? For example, what are you doing with personal data when someone opts out?  How does it affect all the places of opt-out data, including a marketing database like Marketo or Eloqua vs. a sales database, like Salesforce or Sugar CRM?
  5. Assess the processes you have for deleting data – Unfortunately, most marketers do not have habits or processes in place for deleting anything. We tend to hoard contact data, valuing all data the same. But bad data is a negative value. It’s not just a waste of time, but can cost you money. Example: Let’s say the objective is $1.2m pipeline, with an average deal size of $50k. If 5% of the data is inaccurate, we can expect that we lost out on a potential of $60k pipeline. If the data is 15% inaccurate – this is $180k worth of potential pipeline missed. Creating processes to help us get on the right side of compliance is cost-effective and required.

GDPR is in full effect and so there is no time to waste. We’re happy to field your questions as you start to practice demand generation that meets GDPR requirements. You can also view our webinar on-demand to learn more. While Televerde is an industry expert on how GDPR affects your lead generation and outreach, we do not give legal advice. For specifics on how these practices affect your company, please seek guidance from your legal team.


Televerde

Author: Televerde

Televerde is a global demand generation company that provides sales and marketing solutions designed to acquire new business and accelerate revenue.  Connect on LinkedIn.


You Might Also Like: