Marketing and sales in post GDPR era

Slintel Image
Slintel Image


Last updated June 1, 2018

GDPR has come into effect from May 25. Compliance now is mandatory, a lot of you may be wondering how this impacts your sales and marketing efforts for EU residents. We’ve tried to cover important aspects of GDPR you should keep in mind before deciding how you can tackle this.

GDPR or Global Data Privacy Regulation is regulation imposed by EU countries to ensure greater data protection requirements on companies that capture, store or process data of their residents. All entities whether in EU or abroad should comply with the regulation if they work on data pertaining to EU residents.

GDPR, among other things, requires that consumer should have provided approval for capturing his/ her personal data. If companies house any personal data where they do not have approval from consumer, they should reach out within 30 days and get their consent for doing so. They should only capture data that is required for their business needs and not collect any other type of data. When it comes to data storage, they need to make sure they have appropriate controls in place to prevent hacking or misuse of the data. Also, as soon as the customer requests their data be deleted, they should delete this within 30 days of the customer request. Data processing should also be confined to areas where there is a legitimate business interest in doing so.

So, what are the implications for sales and marketing teams? 

Let us start with marketing. The first implication for marketing folks is to stop sending bulk emails to prospects unless they have opted in for those mails. Bulk emails that provide updates on your product / company / that talk about a world event is data they do not need to know about, unless of course they’ve evinced interest in this. Spamming them with bulk emails is considered a breach of their privacy and therefore must be stopped. The right way to do it is to ask them to subscribe to your posts/ newsletters/ product updates on your website when they sign up. You’ll need to work on your SEO to get a good number of users to your website if you’d like them to convert to your subscribers.



Also, you should not send them promotional content when they sign up for a demo or free trial. Again, this is considered a breach as their intent is very different. The best way to get them to subscribe to your promotional content is by asking them explicitly if they would be interested. This could be a small checkbox at the time they’re signing up with appropriate wording, or could be a separate section on the website calling this out explicitly. Here’s an example of how you can do this:



When it comes to sales prospecting, there is fine line between what is called legitimate interest and what is not. It is ok to reach out to prospects over a cold call and ask them if they would be interested in learning more about your service, as long as there is a legitimate business reason for doing so. However, it is not ok to reach out to them over a cold call and start sending them promotional material even if they are not interested. Remember there should be consent from the consumer on whether this really interests them or not. If they are not interested, you should stop contacting them further and delete their contact from your database within 30 days.



Also when you are cold mailing prospects, keep in mind that the first mail is only to explain the reason for reaching out, pitch what you’ve to offer and ask them if there is an interest to learn more. If not, stop mailing them immediately. Also, only send 1:1 emails and try to customize it so it doesn’t sound like you are trying to sell your product/ service even where they may be no legitimate interest. Also make sure you have an unsubscribe link and a link to your privacy policy on the email.


Social selling or going through warm introductions is probably the safest way of reaching out to them When you add contacts on social media, and they add you back they’ve already consented to give you their information. Post this, you can drop a note to see if they are interested. Similarly, a warm introduction is not spamming and has a third person also believe there is a legitimate interest to reach out.



In conclusion, you need to revisit your sales and marketing process for EU residents in post GDPR era. Think of what potentially results in spamming vs where you are doing a 1:1 reach out where there is a legitimate business interest for doing so. Also, your outreach should mention how you got access to their information, why you are reaching out and if they would like to learn more. Make sure you are compliant with the law, and breaches can lead to severe regulatory fines.  Some companies in order to be safe have adopted a firm wide change in strategy for sales and marketing efforts so there are no special precautions the team needs to take while reaching out to EU residents. If you haven’t done this, no worries, but definitely rethink your strategy for EU residents and make sure you comply with GDPR.