GDPR 2018

GDPR Protecting CitizenThe General Data Protection Regulation, or GDPR for short, is a new EU law regulating data privacy, specifically aimed at improving the privacy of EU citizens. It is the result of a decade of negotiations to improve various out-dated data protection laws such as the UK’s Data Protection Act (1998). While the GDPR is in fact EU law today, it is not enforceable until 25th May 2018, giving businesses time to change their data processes and structures to accommodate this shift in the data protection landscape.

There are a number of new data protection features that appear in the GDPR, which all businesses will have to adjust to. Some of these changes are complex and represent a fundamental change in the processing of personally identifiable information (PII). One of the most significant changes comes in regards to accountability and responsibility. The onus on businesses to be more transparent about how they use personal data is higher than ever.

While the industry is still waiting for the dust to settle on the GDPR, there is still much confusion around its application. We have produced a report that aims to ease some of that confusion. It addresses some of the key changes that are coming to data protection next year and goes someway towards answering the most important question for B2B marketers: Does it apply to B2B?

When asked, 26% of marketers felt they were unprepared for the new GDPR regulations

DMA Insight: GDPR and you, read more here

Key Areas


While many data protection laws are EU orientated, the GDPR places an equal responsibility on businesses outside of the EU if they process EU Citizen’s data. Despite being a European regulation, the scope of the GDPR spans globally.


Consent is one of the core pillars of this new regulation. The old method of passive or ‘implied’ consent, whereby a pre-ticked subscription box would count as implied consent, will no longer suffice. Businesses must obtain unambiguous consent that has been actively opted-in by the consumer, e.g. the consumer ticks and opt-in box, followed by a confirmation email to finalise the subscription (know as double opt-in).

Right to Be Forgotten

Consumers now have the right to erasure, or more commonly know as ‘the right to be forgotten’. Consumers have the right for their personal data to be deleted or removed from any future processing, should there be no need for it to be continued.


Hacks, leaks and breaches are words that would make all businesses panic. Breaches vary in size and severity and not all are punishable. Understand the differences between breaches that need reporting and which do not in our new report.

[B]2B, or not 2B?

Many still remain confused as to whether the GDPR will apply to B2B marketing, and if so, how much it will affect the industry. With no clear sign in sight, we contacted industry body The DMA and researched what the potential consequences of GDPR are on B2B marketing.

Although telephone and mail channels may be opt-out, if your business adopts a ‘consent only’ approach this would require consent across all channels regardless of B2B or B2C sectors and/or channels. The benefit of which completely covers a business from any opt-in/out disputes

Snippet taken from the Intermedia Global GDPR Report 

The report we produced goes into more detail about the affects of GDPR on the marketing world, covering the likes of: consent Vs legitimate interest, expanded definitions of ‘personal data’, sole traders & partnerships and the affects of GDPR across the main 4 marketing channels.

Intermedia Global GDPR Review