What Sales Teams Need to Know About GDPR Abe Dearmer Sep 26, 2017 ∙ 7 min read GDPR GDPR is a dizzying concept for a lot of businesses who deal with personal data. Here, we present a quick rundown of how your sales team may be impacted. As you might have heard, all businesses who deal with personally identifiable data belonging to EU citizens will have to comply with a new piece of legislation called GDPR as of May 2018.This new legislation has left many businesses scratching their heads, but our GDPR portal has been set up to help demystify this new legislation. In this article, we'll explore how your sales team may be impacted. What is the GDPR? The GDPR (General Data Protection Regulation) is a new data protection law that updates and standardises data protection standards across the EU (including the UK). Its main focus is to give total control of personally identifiable data to the individuals that the data refers to.All businesses within the EU must comply with the new data protection rules by the 25th May 2018. Any company found to be in breach of GDPR rules can expect fines as high as EUR20 million, or 4% of the company's annual turnover from the preceding year (whichever is higher). How Might Sales Departments Need to Change? New Consumer RightsAs covered by the ICO, the new ruling is centred around 8 fundamental rights that each individual has over their data. Any internal processes and computerised systems will need to change to accommodate them. They are: The right to be informed - You need to publish your privacy policies and intentions for people's data in plain language so as to be easily understood, and to be able to answer direct questions from consumers about how you use their data. The right of access - You need to ensure that if a consumer requests a copy of the data you hold about them, you can provide it in a commonly used electronic format - for free - within a month of receipt of the request. The right to rectification - If an individual finds that you hold incorrect or incomplete information about them, they're entitled to have that information corrected. The right to erasure - Also known as the "right to be forgotten", this means that a consumer has the right to have their personally identifiable information deleted from your systems upon request. The right to restrict processing - Citizens will be able to object to you processing their data for a certain task. You are allowed to retain enough of their data to ensure that their wishes are met. The right to data portability - When someone has willingly provided you with their data, they also have the right to request that it be transmitted to another organisation should they so wish; for example when changing service providers. The right to object - Individuals will have the right to object to processing and direct marketing, including the right to retract previously given consent. Rights in relation to automated decision making and profiling - This protects individuals from potentially damaging decisions being made without human intervention. However, last but not least is the matter of consent. Individuals will need to specifically consent to companies using and storing their details for any use, including marketing, analysis, or sharing with third parties.This obviously is a very basic explanation of some fairly complicated legislation. Head over to the ICO's overview of the new legislation for the specifics. Be Prepared for Changes and Training As you may have guessed, you may need to make some significant changes to your current data handling and processing practices. Any customer-facing staff will need to be given training about GDPR compliance and the new rights afforded to citizens. As sales operatives tend to deal with clients and prospects on the "front lines", they are more likely to be presented with data protection queries from individuals over phone or email.Both sales and marketing teams should also make sure that their systems can handle requests from citizens who wish to exercise their rights under the new legislation, including access, deletion, portability and processing requests.However, GDPR training needs to be communicated to the whole company, not just those who deal with clients and prospects on a day-to-day basis. There are implications for GDPR in fields as far reaching as HR, management, IT, and analysis, so all departments need to come together to ensure compliance across the board. Consent = Smaller Contact Lists If your marketing department currently relies on soft opt-ins and implied consent to grow contact lists, this will need to stop immediately. Full, knowing consent has to be sought from individuals before they can be marketed to further. Therefore, your lists of approachable leads will likely reduce significantly, especially in the beginning. GDPR will ultimately affect the sales department due to the limits it places on the marketing department's ability to bring new leads into the fold.Though the initial knee-jerk reaction is to think that your sales and marketing efforts are going to suffer, in fact by switching to an opt-in only system you're dealing with a smaller group of potentially much warmer leads, who may therefore be easier to convert into paying clients. It's a real "quality vs. quantity" affair. Though the initial panic of having to alter your systems and processes may attract scorn from some companies, they're ultimately benefitting from willing, pre-qualified contacts. Automated Decision Making If your sales team rely on automated decision making tools to make decisions of significant legal or financial importance to your clients (e.g., credit scoring systems), GDPR will change the extent to which you can rely on this.Put simply, consumers can now reject an automatically-made decision, and request to refer the matter to a human decision maker. You will therefore need to change any current systems to allow cases to be referred to a decision-making team member who can speak directly with the client and hear their case. Making More Out of Less Given that you'll most likely have a smaller pool of prospects to work with, your sales and marketing departments may need to improve how they communicate their offering to prospects in order to improve the odds of clients successfully making it through the sales funnel. Take a good look at your pre- and after-sales activities from the customer's standpoint and strive to make all of your sales and marketing practices the best they can be.It may be a good idea for your sales team to get more involved in nurturing leads through the sales funnel, rather than just facilitating the final stages of a sale. Sales departments may find it beneficial to get more involved in the relationship building process earlier than they otherwise might, essentially presenting the option of closing a deal earlier. Join Forces and Collaborate! Sales and marketing departments may have to make more of a collaborative effort to bring in fresh interest and keep those contacts engaged all the way through to a sale. If your sales and marketing teams don't really communicate, this might present an opportunity to get them working together as a cohesive unit.However, marketing, management, customer services, IT, and sales all need to get their heads together about how GDPR will affect their operations and need to work out how total compliance is going to be achieved collaboratively. The whole business must come together to ensure complete, watertight GDPR compliance.