When it comes to marketing your SaaS company, you know that those who need your software are a very niche market and incredibly difficult (and expensive) to find and sell to. As if this wasn’t enough of a challenge for you, the slew of consumer privacy protection laws has made communicating with these individuals a tricky task. How do you effectively and legally market to those who need your software?
This regulation applies to all those doing business in the EU, whether your company is based there or not.
Similar legislation is popping up everywhere and, if you’re not savvy to the changes, you could risk getting your business in hot water with fines and legal proceedings. These include CASL in Canada but also various regulations cropping up in the US.
Therefore, having a game plan to be GDPR-compliant is pertinent, not just for your dealings in the EU, but, eventually, globally.
Software as a Service and GDPR
Because GDPR is so new, some of its implications and regulatory restraints are uncertain. Despite this, there are some aspects of it we know for sure.
First, GDPR protects “Personal Data” and defines it as, “Any information that relates to an individual who can be directly or indirectly identified.”
Under this regulation, your B2B SaaS company is defined as a “data holder.” As such, you are responsible for keeping consumer data private, secure, and with limited access. To become a data holder, you must have “consumer consent,” which is “freely given, specific, informed, and unambiguous.”
Your company must respect the consumer right to:
Know how personal data is used.
Limit how personal data is used.
Have personal data erased.
How to Make Your Website GDPR Compliant
You may be asking yourself, how do I acquire such a stringent consent policy, and how can I protect consumer data in this way?
If you’re not using a CRM to manage your website, you’ll need to make sure cookies, call-to-action forms, and all marketing communications meet GDPR compliance.You can find out how to do that here.
B2B GDPR Implications
GDPR has essentially killed cold marketing for a majority of businesses. But let’s be honest, is this really a bad thing?
Cold marketing is the most ineffective of all methods and a fruitless waste of time for many sales reps.
GDPR: B2B Companies vs. B2C Companies
Under this regulation, cold marketing is all but disallowed by GDPR for B2C companies. Until you acquire consumer consent, you cannot market to them.
B2B marketing, on the other hand, is a little tricker.
The B2B Exception for GDPR
Remember, the goal of GDPR is to safeguard consumer data and privacy, not to stop emails from being sent altogether. That being said, this regulation does allow for cold communication on a business-to-business basis.
Here are some guidelines for this:
The people you email must be working in a relevant industry that could reasonably need the advertised products and services you offer.
The recipients must be informed what information your company has on them, how it’s being used, and why it’s being used.
The recipients must have an option to remove themselves from your mailing list and have an option to have their data removed or changed from your database.
If the recipient doesn’t respond to any of the emails, they will eventually need to be removed as part of GDPR’s “storage limitation” protocol. How much time you must wait before deleting, however, is not specified.
Are you still uncertain how to navigate the waters of GDPR compliance? If so, we’re here to help. Whether that’s in making sure you’re protecting consumer data, maintaining privacy, gaining consent, or transitioning away from cold marketing into something more effective, our team at Open Path Digital is here to help.