May 25th 2018. The date all organizations with a business focus on the European Union (EU) changed their processes forever.
The General Data Protection Regulation (GDPR) eclipsed the old EU privacy law, bringing with it, strict implications as to how it would affect the status quo and particularly, how it would affect sales and marketing for companies whose departments hold cold prospecting as a staple way of contacting leads.
GDPR is the baseline for all of Europe but there are some places where more specific legal regulations are in place. Across Europe, local governments are putting their own spin on it as nations states are adding additional rules on top of GDPR.
In fact, local governments have begun to make their application of GDPR more stringent, so under the UK draft law, for example, there are some extra criminal offences businesses can commit. The UK application of GDPR states that a business must not upsell through automatically opt-ins until a requested quotation is issued to the prospect for the original product or service.
In Switzerland, with regards to this same principle, the rule is that automatic opt-out, as opposed to opt-in, can only be applied after the actual sale has been closed. There are therefore various applications that fall at different points of severity along the GDPR line. In a general sense, GDPR is meant to catch all interest (including legitimate interest) for processing data.
Businesses can’t use legitimate interest for everything as companies must still gain consent. Any kind of unsolicited contact (call or email) that is made without clear or explicit consent to the EU is illegal!
Cold prospecting would be very challenging under the new regime. Once a company is pulled in under GDPR, the use of tools such as trackers, pixel drops, etc - would require explicit consent. The e-privacy directive regulates the use of tracking, and one must remember that GDPR is intended to rebalance the ownership and rights of data.
Sales teams must find innovative ways by developing a relationship with their prospects or through intermediaries. As the cold sales environment becomes more challenging, prospects will be less likely to complain about a connection they view as mutually valuable, and they will be more likely to complain about the sort of robot dialing that many companies with large lists undertake.
Businesses must have a strong reason to contact organizations, offers must be logically connected to the prospect and there must be precise targeting and customization. Mass emails should be discouraged and prospects should be researched before that first call, ensuring that there is some interest between the two companies, where the prospect can logically see that the service is something they can have a benefit from.
Effectively, contact data should be hand curated either in-house or using a third-party service. There should be no scraping of websites or random lists, and all information should be obtained in a legal and transparent way.
Companies cannot contact prospects without an existing relationship. Article 7 of GDPR states a legal basis for obtaining consent and it’s very specific on what consent means. The article states, that for consent to be considered freely given, it must be truly optional for the data subject. If data controllers withhold or offer a degraded version of service for subjects who refuse or later withdraw consent, such consent would not be valid.
Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as a written statement by electronic means, or an oral statement. When a business acquires consent for the first time, that information has to be used for the purpose for which consent was given.
Additionally, personally identifiable data comes with responsibilities as companies must know how they are collecting data and the legal basis for collecting and processing that information. Businesses now have to double down on other marketing mechanisms and really engage with people to build lists organically.
Relationship building is the mortar that will hold the foundation bricks in place to build up to that eventual sale.
Dale Carnegie said, “You can make more friends in two months by becoming interested in other people than you can in two years trying to get other people interested in you.”
Businesses must be clear that consent cannot be conditioned upon anything. It’s not going to be easy to gain approval from prospects, so companies have to look at their target audience and see what those people like.
Sales teams must now be more engaged with the people they are trying to prospect and develop a more consultative approach to selling. Under GDPR, there is a clear obligation to be fair and transparent. Businesses must say exactly who they are. Consent is a clear specific action taken voluntarily, especially by use of the opt-in golden standard. Opt-out is better for existing relationships with cross-sells and up-selling.
The key is to make sales based emails more content related, newsworthy and research-based, for people who are not immediately interested, but which allows the prospect to remember who is informing and educating them.
If your company missed the pre-May 25th global madness, where thousands of companies solicited consent from pre-existing customers, then your sales and marketing department will now have to go through more stringent checks and balances than ever before.
In most cases, to run a large campaign, businesses will need a Data Protection Impact Assessment (DPIA). This is a process for checking the privacy risk of an acquired mailing list such as when company unknowingly purchases a stolen list from a third party. Before every marketing or sales campaign, there are ways in which companies can mitigate the likelihood of such a risk by doing their due-diligence. This includes having a contract in place to assure that the list is legitimate.
Businesses now have to be able to show the fact that they have permission to use EU contacts if the regulator asks for it. There must be an audit trail where consent can be verified and this is extremely challenging in practice because this is both expensive and time-consuming.
The industry is full of information hoarders and now is the time for businesses to get rid of data they don’t have permission to use.
Businesses will also seek out different markets. US corporations mailing into the EU are particularly disadvantaged.
If a Non-EU based business is operating in a manner that makes their company come within GDPR, like trying to sell in the EU or profiling EU citizens, they have to have a Data Protection Officer (DPO). This is someone who will effectively guarantee their performance of GDPR and who is based within the EU. Most businesses are struggling to find someone who will be a DPO for a reasonable cost, although they know it could be essential to mitigate the risks of a potential 20 million euro fine.
It’s not necessary to reinvent the wheel to innovate. You simply have to find new ways to use combinations of what has already worked in order to achieve greater levels of consumer value and reduced costs.
As an alternative to cold calls and emails, here are a few ways sales teams can reach out to prospects on a more human level:
- Content Campaigns: Use content to educate and nurture leads.
- Sales Chat: Reach web visitors in real time while they are browsing your site on chat
- Twitter: Use industry keywords to influence and reach out to decision makers.
- Facebook: Join and engage groups that relate to your target industry and add value to them.
- LinkedIn: Use LinkedIn to research ideal buyers and join groups to find prospects.
- Quora: Platforms like Quora are great ways to set yourself up as an industry expert by answering questions in your field.
- Referrals: Contact satisfied clients and ask them to refer leads.
- Joint Ventures: Friends with a related business can help promote you.
- Snail Mail: A good letter can go a long way, even in the digital age.
- Networks: Join a local network and host a meeting or event to attract local leads.
- Webinars: Go live and answer questions that your prospects have.
- Build Quality Lists: You can still build quality segmented lists but only with leads with which you have consent to use their data. Be prepared therefore to keep a clear record of where this consent came from.
Know the benefits of your product or service, and its unique selling proposition and value to your prospects.
Customer choice from now on will be based primarily on a business's ability to show greater value to a prospect, and the use of inbound opt-in based strategies to get consent more proactively.
To discover a new way to generate B2B leads, download our guide below.