Page 80 - Cyber Defense eMagazine January 2023
To ensure GDPR compliance, companies need to take a proactive approach to the way they handle and
use people’s personal data, including people’s email addresses, names, location data, device IPs, and
more.
Though it may seem like the average consumer hands their data out with a fairly casual attitude, studies
conducted a full 2 years after GDPR was rolled out show that a huge 41% of EU citizens “do not want to
share any personal data with private companies, almost double the number compared to public bodies”.
It’s also worth noting that if you’re found to be in violation of GDPR, you could incur a fine of up to €20
million ($20.6 million) or 4% of your annual turnover, whichever happens to be greater.
If you have any interaction with the European market that involves gathering personal data from EU
citizens, then ensuring GDPR compliance is a non-negotiable must.
With this in mind, let’s look at some of the practical steps you can apply to your cold email campaigns to
keep them within GDPR’s stringent parameters.
Review the Reasons Why You’re Targeting your Prospects
One of the first things to look at when you’re reviewing your GDPR compliance is whether or not you
have a clear, legitimate purpose for gathering the data you use in your cold email campaigns.
According to GDPR, any personal data that you use needs to be strictly necessary for its purpose. This
means that if you’re gathering any data that goes beyond what’s adequate for the purposes of a cold email
campaign, for example people’s home addresses, you’ll be in breach of the law.
Just as with the kinds of data you gather, you also need to have a good explanation in place for your
choice of the people you gather data on.
If the prospects you’re emailing have associations with a certain business niche with close ties to the
product you’re selling, or have published social media posts that mark them as a member of your ideal
audience, then you should be clean from a GDPR standpoint. If, however, you’re retaining personal data
on prospects who aren’t relevant to your business, there’s a chance that you could be in violation of
GDPR.
For more support on checking that you’re compliant with the purpose limitations of GDPR, check out this
detailed guide from the British Information Commissioner’s Office.
Understand How You’re Gathering Data
GDPR isn’t just concerned with the data that you’re storing, but also with the methods you use for gathering
it. To ensure total compliance, you need to keep thorough records of how you acquire your data,
and ensure that you’re sticking to ethical and legal methods.
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.