Following the introduction of GDPR legislation back in 2018, Direct Mailing (DM) houses became the obvious victims of more limited production due to low sales, whilst their customers sought to understand what was acceptable in posting out advertising material in terms of mass data.
Before that time, mailing houses across Europe could send out a multitude of publications to prospective customers on behalf of businesses without any real responsibility as to who the mass data was being posted too and whether the recipients actually wanted it or not.
Post GDPR the mindset around the posting of mass data has had to change. DM companies can no longer send out publications, unless the business customers have agreed with the compliance at any given time. Further to this, the customer can also request to terminate their decision in not receiving direct mail under their right to be deleted.
Whilst the changes in legislation initially demonstrated a knock back for both DM companies and independent businesses, it seems now the market has stabilised, DM is actually becoming a more positive means of communication. This is due the fact that they are now engaging on quality of referrals i.e. those that want to be contacted, rather than quantity and subsequently the DMA has reported a 43% increase in customer responses to direct mail during the latter part of 2018.
Going forwards, the Data & Marketing Association recommends the following measures are used to ensure that your direct marketing complies with GDPR when sending out mass data.
- Ensure that the use of the data is valid
- Direct mail should have a minimal impact on privacy
- Sent mail should be expected by the recipient or that the intention is that they won’t be surprised to receive it, i.e. it is a ‘legitimate interest’
Mass Data back at the office
- Data is stored under strict and reduced access
- Data is fundamentally protected using up-to-date IT software / hardware.
- Outsourcing to a direct mail house will ensure that you stay GDPR compliant as they will already comply to GDPR under their own ‘good practice’.
Blogs used to write this article: