On the initiative of the Council of Europe, the European Data Protection Day will be organized for the tenth time on 27 January 2017. The aim of the Data Protection Day is to increase the awareness of data protection among EU consumers as well as companies. For companies there is one key issue this year: the new EU Data Protection Regulation, which came into force officially in May 2016. The deadline for the implementation of the regulation is May 28, 2018. This may be a long-term perspective at a glance, but the earlier companies are concerned with the effects of the regulation on their business, the better they can prepare themselves and use the regulation as an opportunity. According to a recent Bitkom study, however, a total of 44 percent of companies do not yet have the EU Data Protection Principles on the screen.

Marketing can’t be imagined without the use of (personal) data anymore. Data is always the basis for aligning marketing and service communication. From personal data, which the customer leaves behind at all touchpoints, the insights about the customers are gained, which are necessary to adapt communication individually to the customer’s needs. These are, for example, transaction data from online shops, response data from campaigns or from other digital contact points of the customer journey (such as the website / booking platform) as well as location data from location-based services. By assigning these data to a dedicated user profile (profiling), marketing-relevant insights to the individual user are gained by means of various analysis instruments, from scoring models to complex data mining methods.

General Data Protection Regulation regulates European privacy in a new way

The more the use of data in marketing and, in addition, in digital business models of all kinds becomes more relevant, the more important is the data protection topic for companies and thus the knowledge and implementation of the legal framework for data protection-compliant use of (personal) data. For the first time, the EU General Data Protection Regulation has created a set of rules that regulate the collection and processing of data across the EU and terminate the coexistence of different national regulations with it. The impact of the General Data Protection Regulation on companies depends on the respective business model. German companies have a lead in the implementation of the General Data Protection Regulation, as the General Data Protection Regulation is oriented to the current German legal situation in many aspects and many companies have already implemented the essential requirements. However, German companies should not rely on this. Even if the deadline for the implementation of the regulation is not until 28 May 2018, it is an advantage for companies to examine at an early stage whether they are affected by the General Data Protection Regulation and whether they have to make adjustments to their previous processes to stay legally secure for the future. The fact that many companies have not done so yet is shown by a recent Bitkom study. According to the study, 44 percent of companies do not even have the general data protection regulation on screen.

German companies do not need to understand the EU General Data Protection Regulation as a hurdle in the use of data, but on the contrary as a lead. As already mentioned, German companies have often already implemented guidelines that may still be a challenge for other companies. This competitive advantage particularly applies to US companies, which must also comply with the General Data Protection Regulation when they offer their services within the EU. To take advantage of this lead, the topic of data protection should be emphasized in communication. For consumers as well as business customers, high data protection standards are an important factor for trust in a provider and also a concrete purchase / usage argument.