how marketing automation can take the pain out of GDPR compliance

How Marketing Automation can take the pain out of GDPR compliance

‘How marketing automation can take the pain out of GDPR compliance’ blog post will examine the effects of GDPR & how Zymplify can help. 

The General Data Protection Regulation (GDPR) has been brought in with the intention of strengthening data protection legislation for EU Individuals and harmonising legislation across all member states.  

The legislation will come into full force on 25th May 2018.

There are three main principals to ensure companies adhere GDPR in the context of marketing:

1. Responsibility and Accountability

It is the responsibility of organisations to put in place processes that adhere to the principles of GDPR. Ultimately businesses will be held accountable for breaches of the GDPR and are open to significant financial penalties.

  • Privacy by Design and by Default requires business processes to be developed with data protection front of mind.
  • When risks occur to the protection of personal data, a Data Protection Impact Assessment must be conducted.

2. Consent

  • Organisations must gain valid consent for data to be collected and used for marketing purposes.
  • Organisations must be able to prove opt-in.
  • The ability for persons to withdraw consent at any time must be provided.

3. Right to Erasure

  • Persons have the right to request all of their personal data to be erased on a number of grounds of non-compliance. Particularly if the organisation is deemed to be unlawfully using their personal data.

GDPR’s effect on Marketing and the role of Marketing Automation

Ultimately, marketing will be the vehicle to support GDPR. Data management will become increasingly prevalent and digital marketing will soon be the foundation for reputation and brand management.

Although a daunting prospect for some, marketers should not fear – marketing technology is the key to adhering to these regulations.

With the right mix of marketing automation software and good governance businesses can take comfort in the knowledge that they are GDPR compliant. Furthermore, it means consumers can take comfort in the fact that their data is being processed responsibly.

Here are 3 examples of how marketing automation tools can help:

1. Bring all your marketing & sales activities into one centralised dashboard

how marketing automation can take the pain out of GDPR compliance

Therefore, by bringing all of your marketing and sales activities into one centralised dashboard you will have a centralised repository of data subjects information. Consequently, this will make it much easier to maintain accurate and up to date data (a legal requirement under GDPR).

This will enable data controllers to respond to data subject access requests promptly (GDPR requires within 1 month). As well as remove data from their systems that they no longer have a legitimate basis for processing.

2. Manage Consent

how marketing automation can take the pain out of GDPR compliance

Marketing automation platforms enable companies to manage consent to contact data subjects. This can be used to track Do Not Track requests, cookie approvals etc.  

Where a data subject provides consent for any of the above this consent is recorded in a single customer view of the data subject. Importantly the date this was provided, the campaign used and the policies attached to those campaigns are also tracked so companies have a full audit trail. Consequently, it is vital to ensure you can prove consent and therefore a legal basis for processing.

Where consent is removed for certain processing activities again this is tracked. In addition, many systems have safeguards in place so that data subjects cannot be contacted via a method that they have removed consent for.

3. Manage Templates

how marketing automation can take the pain out of GDPR compliance

Automation platforms generally allow companies to create standardised templates for privacy policies, cookie pop ups, T&C’s, profiling policies etc.

By having a set of standard templates compliance managers and marketers can be sure that all marketing campaigns have transparent notices in place. Furthermore, when data subjects interact with these marketing campaigns the company can tie their interaction back to the policy that was in place at the time ensuring a full audit trail.

For more information of how Zymplify are addressing GDPR compliance contact Michael Green on


Written by Michael Green, Head of Finance at Zymplify

Michael is a chartered accountant and certified GDPR practitioner from Derry City. He is part of the senior management team at Zymplify.

When he’s not counting beans or advising on all things GDPR related he spends his time training his 2 year old son to be the next superstar footballer (he’s an avid LFC supporter but we won’t hold that against him).

Therefore, small short sentences. Consequently, another little sentence. Another active one. The frog jumps high! A customer buys a pair of shoes. I check all of these sentences. I eat strawberries. A customer is running home. Get this SEO score up.