21 August 2018
21 August 2018
This GDPR article was written by Pamela Vaughan from HubSpot. The Original article can be accessed here.
As you might already know, the GDPR (General Data Protection Regulation) is a new regulation that will toughen organisations’ obligations when dealing with the personal data of citizens from the European Union (EU). And finding out if your company or the software is using is GDPR compliant has recently become a national sport.
Because it will affect all organisations that control or process the data of EU citizens, so even if your company is based outside the EU, the GDPR will apply to you.
This new legal framework will have profound implications on how marketers manage their relationship with prospects and customers.
It will come into effect on May 25, 2018, and penalties for violations will be significant.
In this article, you’ll learn how to use HubSpot’s current set of GDPR-friendly features.
HubSpot can’t help companies be fully compliant — you should seek legal advice if needed — but there are many GDPR-friendly features already available in the HubSpot software.
Under GDPR, a contact needs to be informed that their data will be stored and used by a company when they’re submitting it. Consent will need to be “freely given, specific, informed, and unambiguous,” with companies using “clear and plain” legal language that is “clearly distinguishable from other matters.”
Since HubSpot helps you create your own landing pages and forms and add whatever text you wish, you already have the tools you need to inform your prospects on how you plan to use, store, and process their data and of their right to withdraw consent, all of which will help you meet your GDPR consent obligations.
How to track content in forms
Here’s how to enable consent tracking in forms in your HubSpot account:
How to set up double opt-in
Double opt-in is a procedure that allows visitors who fill out a form to confirm they want to receive communications from you.
The GDPR is silent on whether this form of consent is required. And unless guidance to the contrary is issued by the EU or our supervisory authority, our view is that this is not mandatory under the GDPR.
That said, many businesses will prefer to use ‘double opt-in’ as an additional protective measure, obtaining consent from a specific individual.
Once enabled, the double opt-in feature sends an opt-in request email to all contacts who submit a form for the first time on your website. To start using it in your account, follow these steps:
Individuals always had the right to request access to their data. But the GDPR enhances these rights. The timescale for processing an access request will also drop significantly from the current 40 day period.
HubSpot is working on functionality to ensure the service is fully GDPR compliant by the May 2018 deadline. Customers and prospects should follow our GDPR web pages for further updates in this area over the coming months.
That said, the HubSpot software already lets you export data from a person’s contact record from your HubSpot portal in a user-friendly format. It’s as simple as searching for the person’s contact record and then taking the desired action. The whole process takes seconds.
This will assist customers in complying with a contact’s request for a copy of their data. Either to move to another provider or to check what personal data you hold about them in your HubSpot account.
How to export contacts
How to modify/update data
]Under the current legislation, individuals already have the right to ask you to modify or update data you hold on them in your systems (for example if they change email address). This will not change under the GDPR, but as we know, the penalties for breach under the GDPR are more severe.
Follow this step-by-step process to learn how to edit the information on any contact property:
How to set up unsubscribe and email preferences
As you can see, there are many GDPR-friendly features you can use on your path to be compliant.
This new legal outlook is a great opportunity for marketers to revise how they’re approaching their prospects and customers. And what they can do to treat these relationships with the highest care.
We’re sure that this regulation will move all marketers toward a more user-friendly experience, and it will help shape a more transparent way to do business.
If you require any guidance on becoming GDPR-compliant online, don’t hesitate to get in touch via our Contact Us page.
Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?