Skip to content

GDPR: Finally, Some Peace for Sales and Marketing. Or Not?

Sales and marketing will continue to change drastically
No time to read online? Get my insights emailed to you.

The GDPR reporting over the last few weeks reminded me a little bit of the movie “2012” by Roland Emmerich.

Thank God …

… Europe “survived” May 25, 2018. And the rest of the world seems to have gotten off lightly 😉

The new General Data Protection Regulation (GDPR) is now in force. In recent weeks, this topic has tied up large resources in many companies. Across all departments.

As a business angel and investor in high-tech startups, but also as a digital adviser in companies from traditional sectors, I was able to experience live what that means in concrete terms.

I would like to share my insights on the challenges in sales and marketing in this article to raise awareness of the implementation tasks for the forthcoming ePrivacy Regulation.

First, let me say that the companies, their employees and most of the partners, such as lawyers, consultants and agencies, have done a stellar job. This is especially remarkable considering the fact that “digital business” certainly isn’t part of the core business for some companies like, for example, mechanical and plant engineering or companies in the oil and gas industry.

However, the behavior of individual partners of the organizations certainly gave me a few more gray hairs during the implementation process.

First of all, some lawyers could certainly (and really should) give much better advice on their “key issue of data protection”. On the other hand, some consultants and agencies could have demonstrated (and also have to) much more clearly how sales and marketing processes will continue to change in the future (long-term perspective).

Because the bottom line is mainly about two key aspects:

  1. Protection of personal data
  2. Expanding digital value creation in sales and marketing

The latter also includes the new framework conditions of the GDPR.

Unfortunately, my experience in the individual cases mentioned above is that both the quality of the process and the result were unsatisfactory.

This can be illustrated by looking at three challenges:

  • In terms of content, the main focus of many lawyers was the revision of the privacy policy. In individual cases, however, this was based on sample texts instead of the actual facts and procedures of data processing in the respective company. I have no other explanation for the sometimes “very thinly” formulated paragraphs (e.g. just 5 lines regarding the use of Salesforce as a global CRM system). And all that without considering all other necessary topics and issues that go beyond a privacy statement.
  • From a technical perspective, most of the consultants and agencies were busy converting sites to be GDPR compliant. Among other things, the focus was on implementation of SSL security certificates, adaptation of forms (keyword: data economy), as well as optimization of the handling of cookies and their various characteristics. My spot checks after May 25 showed that, while 9 out of 10 corporate websites have a cookie notification, 4 out of 10 continue to generate tracking cookies, even if the visitor has NOT EXPLICITLY AGREED TO them.
  • Of course, in terms of time, everyone involved, internally and externally, was under enormous pressure to meet deadlines until May 25. That’s completely understandable, especially when it comes to the implementation of such a comprehensive topic like the GDPR. For me, however, it is an absolute “no-go” that deadlines for projects with this significance were not met by individual partners on MULTIPLE occasions. Especially since all information and briefings were available on time. In the worst case, the preparation of a comprehensive privacy policy was simply “left alone for 4 weeks” without feedback.

(Note: All of the above challenges have been resolved to date.)

So, what is the conclusion of my findings?

One thing is clear:

The point is certainly NOT to blame individual attorneys, agencies or consultants for being categorically “incompetent” in terms of GDPR implementation. There’s no reason for that at all. This is highlighted by the many positive counterexamples – people and teams who tackle these tasks with passion, transparency and team spirit.

Instead, I would prefer to raise awareness among the companies and partners of how important (and ultimately crucial for success) proper teamwork is for such a complex topic as the GDPR. Every participant has unique skills and strengths. The key is to bundle them in the interest of creating value.

In addition, companies are well advised not to consider the tasks related to the GDPR completed as of May 25, 2018. Quite the contrary! The topic will continue to affect us over the coming months, especially in light of the upcoming ePrivacy regulation.

Sales and marketing will continue to change drastically. I will shed more light on what that means for the value creation in one of my next articles.

P.S.: Personal consent to data processing assumed 😉

Cover image: kb-photodesign/

Disclaimer: The information provided in this article is solely the author’s opinion and not investment advice — it is provided for educational purposes only. By using this, you agree that the information does not constitute any investment or financial instructions. Do conduct your own research and reach out to financial advisors before making any investment decisions.

Insights by email

Enabling digital growth

Sent every Thursday. Always to the point. No spam.

By submitting the information above, we will send you emails from Mike Flache with insights and perspectives on digital growth. You can always opt-out by clicking on the unsubscribe link within those emails. By clicking “Subscribe – it's free” you agree to our privacy policy.