The most important GDPR practices for B2B marketing

Introduced in 2016 and enforced in 2018, the General Data Protection Regulation (GDPR) is the most comprehensive data protection law passed to date. For those involved in B2B marketing, there may still be some questions as to what this means for you.

Here are some pointers and key steps to ensure you maximise the effectiveness of your marketing data while ensuring you remain GDPR compliant.

Implementing GDPR

GDPR should not feel like a hindrance, nor does it mean the data you hold is irrelevant or that you need to start afresh. The threat of a fine of up to 4% of revenue is scary but the vast majority of B2B organisations manage their data responsibly and have no fear of this.

First, you should review your data and assess if you are maintaining it in a healthy, usable state. Identify what needs to be updated, improved, or deleted. This can be a lengthy in-house process, so we recommend you get expert help in achieving this.

Data storage and protection

Many organisations still store data in silos across their organisation, for example, in Excel spreadsheets or Google Docs. This is neither secure nor efficient and certainly not GDPR compliant. You should be able to search, identify and select all data easily. You should also ensure that duplicate records are not being held in multiple locations as you will have no control as to who is accessing and using these records.

A ‘single customer view’ is a recommended way to manage your data effectively and ensure you are GDPR compliant. Always store your data in one centrally managed database. CRMs, for instance, provide encryption (both at rest and in transit) and therefore provide strong protection against hackers. This protection and access management reinforces ‘Privacy by Design’.

Data access and usage


Poorly maintained data is a massive drain on your time and costs. It often hits hardest at the stage when you plan to use your data for campaigns and sales initiatives. Many organisations do not engage with their prospect and client data throughout the year, and given that data will decay at around 30% per year, this presents a significant workload if left unattended.

Emailing your contacts when data is poorly maintained will lead to high bounce rates and, if not careful, will risk your IP and potentially see your organisation being blacklisted as a spammer.

GDPR Compliance: Consent and Legitimate Interest

When using your data for B2B marketing, there are some important considerations to observe. Your prospect or client should never be surprised by the communication you send them. The message should always be relevant to the role and sector they operate in. For example, if you are promoting a trade show that targets the financial sector, your messaging should display a clear link between what they do and how your product or service can benefit them.

This is then covered by the legal basis of ‘legitimate interest’, and this is a key defining difference between B2B and B2C marketing. Whenever you send email campaigns to your marketing prospects, you must ensure you include an unambiguous means for the recipient to ‘opt-out’ or ‘unsubscribe’. They have a legal right to receive no further marketing communications and be removed from your database if they so choose.

Under GDPR, the data subject always has the right to see which of their data you have collected, to correct any information you hold or to withdraw their consent at any given time. Often, organisations use the double opt-in feature (asking recipients to sign up for a service and confirming that through an email verification), this shows that they consent to being contacted by that organisation.

Data governance

quality control

Whenever you build or update your prospect data, you should always ensure that its quality remains consistent. Being efficient with your resources prevents unnecessary costs.

Plan regular checks to make sure:

  • all data fields are correctly populated.
  • there are no duplicate records.
  • all records held are from contacts who are either relevant to your products/services or have provided their consent.
  • hard bounces, opt-outs and unsubscribes are flagged or removed within set timeframes.
  • data hasn’t been corrupted (e.g. foreign characters can create corruption in data fields).

Set your own data governance rules to be strictly adhered to and ideally appoint a “Data Supervisor” to ensure rules are always followed. Monitoring this along with conducting day-to-day business activities is a heavy undertaking, so again, it can make sense for you to reach out to a third-party for support with all your data needs.

How we can help you with GDPR compliance

It can be difficult to know where to start when trying to build and update your B2B audience lists. At The Data Business, we specialise in building, cleansing, and enriching data, and provide these services tailored to your requirements.

We, of course, ensure that all the data collected and delivered to you is GDPR compliant, under the legal basis of Legitimate Interest. Essentially, we act as an extension to your in-house team in supporting all your B2B data needs.

To learn how we can help you, simply call us on 01227 463817 or let us know your enquiry.