Is data enrichment GDPR compliant?
The question about data enrichment technology in general and GDPR compliance is something that comes up in your discussions with prospects and customers quite often these days. It almost feels like companies have finally started taking GDPR seriously enough actually question their existing and desired processes. In this blog post we’re sharing with you some facts you may have not heard of and our thoughts on mitigating the risk of non-compliance.
If you’re on the market for a data enrichment solution, one of the top 5 requirements you should be taking into the account is GDPR compliance. On our blog we’ve already shared quite a few tips for marketing and sales operations leaders to help them understand how to become GDPR compliant and keep doing marketing in 2019 and 2020, so we’re going to keep it short.
GDPR compliance should be one of your key requirements to any data enrichment vendor
Let’s look at a classical example of lead enrichment process – an unknown prospect visits the website and completes a lead registration form. Wooho! Sounds like we’ve just gotten a lead! What happens on the backend as soon as we’ve generated a lead? The lead data flows immediately into a marketing automation system, where by means of an integration with a data enrichment tool and, perhaps, email validation software you’re getting valuable additional personal and business information. Those of you who already have this process in place, great job! Those, who don’t – you’re missing out, guys…
Alright, the question is whether the abovementioned data enrichment or lead enrichment process is GDPR compliant at all? We’ve got your favorite “Yes and No” answer for you. Look, according to the latest additions to GDPR, you can’t be using automated tools to get more personal information about a lead than what they had already provided. That being said, if your data enrichment solution such as Discover.ORG, Clearbit, MARCOM Robot, Bambora and others are still enriching your lead records with personal information, and if some of your leads and customers are from EMEA, you should re-consider this approach and shift the of your enrichment engine on the business information instead. At the end of the day, if you’re selling to businesses and if anything, you should have as much information about the business as you can.
Our recommendation at this point is to check with your data enrichment solution provider and see if they can adjust the process according to the GDPR realities.