The Information Commissioners Office is the body set up to, amongst other things, enforce GDPR rules. Is your business too small for the ICO come knocking on your door? Possibly. A quick look through their list of firms who have had an enforcement action against them (only 96) are some large organisations including the Cabinet Office, Virgin Media and Royal Mail.
The ICO do offer a short guide to GDPR for small businesses
Extensive help and advice is available online. The DPO Centre has a nice summary of soft opt-in options for direct marketing with regards to the Privacy and Electronic Communications Regulations (PECR). In a 2021 Guide, the DPO also summarises how GDPR affects marketing.
But the threat of a fine should not be the reason you consider getting your marketing data in order.
The Direct Marketing Association (DMA) puts a brave face on it by suggesting that “closer examination of the regulation reveals that it gives marketers an opportunity to build more transparent and meaningful relationships with their customers.”
I would agree. The primary, and much more positive reason that the GDPR can become a strength within your marketing is in making more effective your lead conversion processes. Keeping tabs on your marketing lists – keeping them clean and tidy, up to date and relevant – is a great way way for any small business to make the most of their lead generation systems, in tandem to running a lead rating system. To help you with these important sales and marketing processes, I recommend adopting a decent CRM.
Having customer data all in one place in a CRM will also make it easier to adhere to other GDPR requirements including the supply of all data you have on file for a person, upon request and the removal of said data upon request.