Consultancies, lawyers, IT experts, cybersecurity firms, marketing consultants and more have all built offerings around it, and the result has been a mish mash of conflicting information with barely concealed sales messages and very little practical advice.
- You may like: What does GDPR mean for B2B email marketing?
However, out of all that information (over 5 million Google results and counting) there are only two actionable checklists you need to get GDPR ready.
The ICO
In its own words, the Independent Commissioner’s Office is “the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.” They have no commercial skin in the game, and they have two in-depth checklists: one for data controllers, one for data processors.
Data controllers determine the purposes and means of processing personal data. If that sounds like you, follow this checklist here.
Data processors are responsible for processing personal data on behalf of a controller. If that’s you, follow this checklist.
The DMA
The Direct Marketing Association offers lobbying, events, research, and development for direct marketing in the UK. While the ICO’s checklist focuses heavily on general data, the DMA, unsurprisingly, has a marketing focus.
This means looking at:
- Legitimate interests
- Consent
- Information provisions
- Third party data
- Profiling
- Legacy data
To ensure your marketing efforts are in line with the latest legislation, follow this checklist here.
And that really is it. No fluff, no nonsense, simply a list of actionable GDPR advice.
Picture credit: https://www.flickr.com/photos/flamephoenix1991/8376267144