Despite how you might be feeling about GDPR right now, let’s put one thing to rest: On 25th May, the world isn’t going to implode and you’re not going to wake up to an email from the ICO saying you’re being dealt a £20,000,000 fine on the spot. So relax! But what should you be prepared for on the day?
There are a few things you can expect to start happening as soon as GDPR officially rolls out. Here’s our two cents!
As a result, it’s likely that individuals will feel more frustrated (and have the confidence to voice it too!) if they find themselves on a mailing list when they’ve not actually given explicit permission for their data to be used for marketing purposes. Until now, the usual response to a situation like this would be for the contact to simply unsubscribe and not really ask questions, but the new data privacy policy encourages individuals to take ownership of their data, and if it’s misused – to challenge it.
But before you get into a tizzy about losing contacts, ask yourself this important question: if these people don't want to be on your database, they're not going to convert, so really what value are they to you?
Marketing aside, there’s also a strong chance that you’ll get some emails from GDPR-savvy candidates keen to exercise their newly-acquired rights to have their details removed where and whenever they see fit.
If you reach out to a candidate on your database who you haven’t touched base with in three years, it’s likely they’ll start asking how you got their details (let’s be honest – if it’s been that long, it’s unlikely they’ll remember giving you them in the first place!). If and when this happens, you need to be able to demonstrate your audit trail – that is, the results you got when mapping your candidate data in preparation for GDPR – and hope that you’ve been convincing enough to keep them on file.
If this is something you predict you might have trouble with, read our tips on how to calculate how engaged your candidate database is plus how to re-engage your dead data.
Whether you’re chasing new business leads or catching up with existing clients, be prepared for a GDPR grilling! From the day the new legislation comes into effect, it’s inevitable that businesses will want to know how you’re protecting candidate data as well as what steps you’re taking to comply with GDPR more generally. Clients will be brought into the data-sharing equation as third party processors, so if they’re going to be doing business with you, they need to know you’re playing by the rule book to protect their reputation.
GDPR will become a natural part of the discussion even in the early stages of recruitment prospecting, so have your speech prepared as well as some pre-considered confident answers to any GDPR-related questions. This will not only save you from any awkward moments, but giving your leads some positive reassurance regarding GDPR could be the deciding factor that wins you more retained work.
The new legislation puts candidates firmly in the driver’s seat, meaning they will have substantially more control over what data you can legally hold on them and what you’re allowed to do with it. As a result of this, you’re going to have work harder than ever before to earn the right to hold your candidate data. Why should they choose to deal with you rather than one of your competitors?
What value are you providing that would make candidates want to remain on your system and continue hearing from you?
As the 25th May is the first official day that the legislation comes into effect, you may start hearing ripples through the grapevine about fines proposed for companies in breach of the GDPR rule book. But take these early rumours with a pinch of salt, as it takes a lot of time for genuine cases like this to surface and as always seems to be the case with GDPR, there will be a lot of scaremongering going on!
And whilst companies being fined by the ICO is of course a frightening concept, it’s public cases that tend to set a precedent for the rest of the world on what’s expected of us when new legislation comes into effect. So as unfortunate as the situation will be for those under the wheel of the bus, there will be a lot to learn from these situations.
So what can we expect on GDPR d-day? In a nutshell, not a lot. However, it's wise to use the 25th May as a deadline to work towards for getting your data mapped out, your database cleaned up and your recruitment team up to speed with your new GDPR-friendly processes so you know you’re ready for anything the new legislation throws your way.
For more guidance on how you can be spending your time getting prepared for the changes, download the eBook below.