GDPR: how does it affect B2B data cleansing?

In a nutshell, GDPR definitely doesn’t - or certainly shouldn’t - hinder the process of cleansing customer and/or prospect data. In fact, it strengthens the argument to have a regular data cleansing process in place.

Perhaps we should turn the question on its head: how does B2B data cleansing affect your GDPR compliance? It affects it greatly and in a positive way. Principle 4 of the seven key principles of GDPR is about accuracy. To ensure a fully GDPR compliant database, you need to keep any personal information you hold up to date.

GDPR data compliance, at a glance

To keep your data compliant with GDPR, and as part of any best practice data management strategy:

• You should take all reasonable steps to ensure the personal data you hold is not incorrect or misleading as to any matter of fact.
• You may need to keep the personal data updated, although this will depend on what you’re using it for.
• If you discover that personal data is incorrect or misleading, you must take reasonable steps to correct or erase it as soon as possible.n
• You must carefully consider any challenges to the accuracy of personal data.

How does B2B data cleansing improve my compliance with GDPR?

Ideally, you will be undertaking thorough and regular B2B data cleansing regularly anyway, to ensure the quality of your database and enjoy better quality leads from your campaigns. There are a couple of critical aspects you must consider though to guarantee your compliance with GDPR:

Identify sole traders and partnerships: this is crucial to GDPR compliance as sole traders and partnerships are considered as ‘personal data’. This includes the names, email addresses, telephone numbers and address of the organisation, even if it’s a sole trader that has revenue of £10million and employs 100 staff.

Identify the names of individuals that are no longer at that company: in the case of a Ltd or PLC, the company details do not fall under the scope of GDPR compliance. However, the individuals at the company do, i.e. joe.bloggs@datahq.co.uk. You are allowed to market to this email address without consent under ‘Legitimate Interests’, but you have a responsibility under Principle 4 to demonstrate you’ve made your best effort to ensure the individual is still there.

Check that records are not on the Telephone Preference Service (TPS) or Corporate Telephone Preference Service (CTPS) register: this is key as you do not want to be on the wrong end of a raft of complaints to the Information Commissioner’s Office (ICO). Checking against these registers is a simple, cost effective process. Talk to one of our data experts about how to do this, or about any of our other data cleansing services.

Check that the individual and organisation is still at that address: this simple data cleansing tactic is as much about saving time and money, and protecting your reputation, as it is about GDPR compliance. Keeping data as current as possible, and being able to record and demonstrate your efforts to do so, will stand you in good stead should the ICO ever investigate your processes.

GDPR B2B data: cold marketing recap

Let’s look at GDPR compliance in terms of cold B2B email marketing such as renting marketing lists and telephone marketing. What can you do and what can’t you

GDPR compliant B2B marketing activities

1. Cold email marketing to limited companies, and employees of, PLCs and corporate organisations such as public sector, charities associations etc
2. Cold telephone marketing to the business number of the above, except when the number is registered on CTPS/TPS or the message is pre-recorded

Non-GDPR compliant B2B marketing activities

1. Cold email marketing to sole traders and non-incorporated partnerships without their prior consent to receive communication from your company
   
   
2. Cold telephone marketing to sole traders and non-incorporated partnerships using pre-recorded calls or SMS marketing without prior consent
   
   
3. Cold telephone marketing by an actual person (live calls) to any number listed on CTPS/TPS (or if that person has objected to your calls in the past). You can still make live marketing calls where a number isn’t listed and no objection has been made

Make sure your data is clean

Whatever business you’re in, whether you’re working with GDPR compliance in mind or not, you should cleanse and update your data regularly or your marketing efforts will have minimal impact.

For more information on best practice data management, get in touch with one of our friendly experts to discuss how Data HQ’s database cleansing services can help your business. In the meantime, you might be interested in reading our recent blog Three basic actions to improve your database health in under two hours.