Think that £500 Million ($650 Million) is a lot of money?
Well thankfully for Dixons, this was before the GDPR May 2018 deadlines regulations came into place. So in fact they got off lightly.
GDPR places a 4% of worldwide turnover fine on your company.
As a European citizen, if you market to me, wherever you are in the world, you HAVE to comply. But I'm leaving Europe on the 31st January 2020, yes, but all European law is enshrined in UK law up to that point.
So wherever you are in the world, send me emails or use data to call me, you have to comply with GDPR, or you get fined! It's as simple as that.
This means you need to have all DATA locked down and unhackable. I recall a techie once gave me some advice, he said "you have to assume that you have been hacked and work back from there".
So you are holding, for example an email list and you will get fined 4% of global, that's global turnover if you are hacked. But you have to assume, whenever you hold data, that you have been hacked.
Can you see where this is going?
Here at DLA Ignite, we deleted our email database, because a fine of 4% of global turnover will wipe us out. It's not worth the effort of keeping the data. The risk of holding the email data vs the fine isn't worth the time, effort and risk.
But to be honest, as a "social" business we have never, that's never used any interrupt marketing in our 3 and half years of existence. We don't advertise, we don't cold call and we don't send unsolicited emails .... we don't have to and neither do you!
We have 55% share of voice, against our competition which has 37 times more people than us. Does not mean we will win every deal, but it does mean we "own" the category. Just look at #Socialselling on Twitter and see if you can see us. :) Please don't see this as a boast, it's a fact!
Want to know how to own your category, want to know how to be a social company, want to know how to create a content factory ..... contact me!
The ICO told us that in addition to the aforementioned personal financial data, Dixons had initially found that roughly 10 million non-financial records had also been pilfered (name, postal address, mobile and home phone numbers, email address, date of birth and failed credit check details) from the retailer’s internal servers and exfiltrated.