Know the rules of the (data) trade
You probably already know about CAN-SPAM Act for email (here are the FTC’s guidelines for a refresher). And then there’s the Electronic Communications Privacy Act, which many say is outdated. But you might be less familiar with all the new privacy policies and rules for advertisers that the social networks and other companies are putting together in response to the Cambridge Analytica scandal—check them out:
- Facebook’s new privacy policies. While organic reach of Facebook business pages is declining, the platform is still the largest social network. Fundraisers and marketers should know the changes that Facebook has made in the wake of the election scandal. The Daily Carnage (which you should be reading if you aren’t already) put together a great summary of the changes.
Also, before running an ad for your organization on Facebook, be sure to read its ad policies thoroughly and pay special attention to the Data Use Restrictions section. If you are running ads that aren’t compliant you risk being banned as an advertiser, and Facebook makes it difficult to regain advertiser permissions.
- Twitter’s new privacy policies. Most of the recent focus may have been on Facebook, but Twitter has a new policy, too. This CNET article will help you interpret it. There is a lot of information, but here are the two takeaways we believe are most important to know: 1) When collecting information, advertisers must describe how their data will be used. 2) Landing pages on which users will be submitting confidential or private information must be on a secure server.
- LinkedIn’s new privacy policies. Even such seemingly benign sites as LinkedIn have updated their policy in the face of Facebook’s scandal. Here’s the new policy.
Here are some other rules for managing your data safely:
- Ensure that any webpage used to collect data is on a HTTPS connection, NOT an HTTP connection.
- Use secure methods whenever transferring this data (i.e. not over email).
- Protect all collected and stored data in your CRM to ensure this information is not compromised.
- Do not sell or rent out your list, unless you explicitly tell your subscribers that you will be doing so for a partnership, collaboration, or other reason.
Be aware of GDPR
Oh yes, GDPR. You’ve heard of it, but either you’re not quite sure what it is or you don’t know if you should be concerned about it (after all, your organization is not in Europe). Yes, you need to be concerned about it. If you…
- Have any contacts in Europe in your database
- Have campaigns that target people in Europe
- Have frequent visitors on your website from Europe
…you could be fined up to 4% of your global revenue for violating it.
The biggest take-away is that you need an individual’s consent before collecting and using their data. The law applies only in Europe, but it’s a good practice to use anyway (see the next section on permission marketing). Here is a great resource on guidelines to consent.
Here are some other resources to read up on the GDPR:
Get familiar with Permission Marketing
Or, in the case of nonprofits, you can think of this as “Permission Fundraising”. This is a term coined by marketing guru Seth Godin in Permission Marketing: Turning Strangers into Friends, and Friends into Customers. Actually, the best I’ve heard the GDPR described is by Seth Godin: “On the twentieth anniversary of Permission Marketing, the EU has decided to write the basic principles of that book into law.” If you follow the guidelines of Permission Marketing, you likely will already be in compliance with GDPR and other data policies recently put in place.
The basic idea is that, instead of “Interruption Marketing” (TV ads, newspaper ads, SPAM emails, and more), our fundraising communications should be providing value to potential customers who have already “raised their hand” and expressed interest in our organizations. Our own Steven Roth, of JCA Arts Marketing, explains this concept more in his Ask Me Anything post about Permission Marketing.
What are best practices in getting someone’s permission to market to them?
- Be clear in opt-in, subscription, and contact forms on exactly what the signee is signing up. (For instance, if a person fills out a form about a volunteer opportunity, this doesn’t mean you can use their information for all of your fundraising emails unless you ask.)
- Focus on generating prime content that has value to your prospects—content that people seek out and ask for more.
What do you do after you get their permission?
- Shop in your own closet. Utilize your existing contact or donor base.
Guess what? Permission Marketing works, too. Wait until you see your email rates when you’re sending emails to people who actually want to hear from you.
So there you have it—easy resources to legal, compliant, and ethical data usage in 2018. Good luck out there! And remember—data can and should be used for good!
If you need more help on how to manage and use your data—contact us. We can help you enrich your data, too!
Data Enrichment Services