GDPR – Why The Public Needs Educating

March 20th, 2017

It seems that UK Plc is slowly waking up to the seismic changes in doing business that GDPR will create. In May 2018, the EU Directive goes live and, well, let’s see what happens after that – it’s uncharted territory. Here Be Dragons!

For me, too many companies are still seeing compliance as a legislative and systems change. Yes GDPR will require systems and processes to change to comply with the legislation. But that is far too simplistic and totally misses the MUCH BIGGER PICTURE.

GDPR Means Cultural Change


GDPR means the way you do business with your customers and prospects changes completely. It means more openness about what your business does with a person’s data. It means turning the current DPA model on it’s head and putting the consumer in control – they decide what you do with their data. No longer can you (the business) hide behind wishy-washy, tenuous legal speak, hidden away in the bowels of your T&C’s.

Over the next 12 months, companies will inundate their customers and prospects with requests to use their data to communicate with, market to and undertake processing to deliver their products and services. Remember, if you apply a Consent model – NO CONSENT = NO COMMUNICATION in the post GDPR world. So forget which creative treatment or strapline pulls the best response. Before you can test the creative or the strapline, you have to get the consumer to agree for you to communicate with them by a preferred channel about a specific product or service. Only then can you even start to think about the offer/creative/strapline/pricing, etc. Alternatively, you may use a Legitimate Interest model, but you must complete a balancing test of your Interests against the consumer’s Interest (an LIA or Legitimate Interest Assessment)

Let The Re-Permissioning Begin!

So what will the public do as they start to get bombarded by businesses asking them to actively opt-in? Well they will probably ignore it. They will think it is yet more “big business” trying to send “junk mail, spam and nuisance calls”.


And that is why the Public needs educating. They need to understand that GDPR is a positive change that has been introduced for the consumer’s benefit and because the consumer wants it. The public is jaded by junk mail, nuisance calls and spamming. They want it to change and they will appreciate and value the brands that clearly give them choice and control. Eventually! Once it is fully understood and is the normal way to do business. To quote the ICO “Doing consent well should put individuals in control, build customer trust and engagement, and enhance your reputation”. And don’t forget the Privacy and Electronic Communications Regulations (PECR) – this legislation has been in force since 2003 (albeit widely ignored). If your communications are based on electronic channels (email, phone, SMS) then you MUST comply. Whilst B2B is allowed greater flexibility, B2C is rigid and requires Consent. Do read up on the “Soft Opt-In” clause however.

GDPR – A Positive Vision

Consumers will appreciate and value the brands that clearly give them choice and control. If done right, those brands will then generate a higher level of engagement and loyalty from the customer/supporter/stakeholder base. By opting in (consent model) or not opting out (Legitimate Interest model), a consumer is showing the highest level of interest in your cause, product or organisation. That is gold-dust! It is the best way to do a value segmentation of all consumers who touch the brand in some way – if they opt in/don’t opt out, they are interested and you should focus your effort on them. So whilst GDPR will result in a smaller active customer/supporter/stakeholder base than pre-GDPR, the base will be of higher engagement and probably higher value than the current average. That means lower campaign and admin costs and higher responses. That equals improved ROI. And that is a good thing for all involved.

The Preference Centre Solution

preference centre

The Syrenis Preference Centre solution has been used by the UK and Canadian governments to manage Stakeholder Consent for over 5 years. It is also used by a number of commercial and charitable organisations. And the Fundraising Regulator announced in January 2017 that The Preference Centre technology will be used for both the digital database and telephone service for the Fundraising Preference Service, ensuring GDPR compliance.

The Preference Centre was designed and developed around what we believed were the crucial aspects of data-marketing for the future. And now that future has arrived, in the legislative form of GDPR!

But The Preference Centre is about more than just complying with legislation. It enables brands to give consumers control and choice over how they are marketed to, by whom and about what. It helps enable a cultural change within your business. Yes, GDPR is bureaucratic and legislative. But the central premise of putting consumers in control of the use of their data is fundamentally a correct, ethical and morally right concept.

GDPR Consent Journey

So how do we help clients turn a legislative nightmare into a success story? The first stage is simple – implement The Preference Centre technology! The second stage is more complicated – using the technology to maximise opt-in and engagement. We do this through insight, analytics, and strategic planning. Of which we are masters! Through robust testing of statements and different approaches, understanding the cross-channel consent metrics, audience segmentation and developing an optimal consent journey. Through developing granular consent strategies. Basically by taking a higher-level view of the post-GDPR landscape, planning for it and working with our clients to implement a successful cultural change (often over a period of years).

supporter services


At Kudos, we see technology as an enabler. The Preference Centre enables brands to be compliant and to manage all aspects of consent and permissions, including statement testing, self-service permission management, split cell testing, bi-directional integration with existing infrastructure and much more. It’s a very clever piece of tech. But it’s how that tech is utilised that drives post-GDPR success.

Contact Us!

For more details on how to ensure you stay compliant and centrally manage all your consents across multiple platforms, give James Squires a call on 0330 043 1593 or email