Fotolia

Tip

How Salesforce teams will feel the impact of GDPR

With less than a month until GDPR has to be implemented, both B2B and B2C sales teams must be prepared to properly protect or even dispense of customer data, according to experts.

Compliance with the EU's soon-to-be-implemented General Data Protection Regulation requires new ways of working with customer data, as well as rethinking how a sales team interacts with EU customers.

The effects of the General Data Protection Regulation (GDPR) will be felt by both direct B2C sales processes and, to a lesser extent, B2B sales efforts. Enterprises will need to be more diligent in qualifying sales leads to ensure they don't lead to fines. GDPR could also affect the data used to prioritize leads through Salesforce's popular predictive lead scoring tools. Additionally, sales teams need to examine the kinds of ancillary data used to guide sales conversations.

The impact of GDPR on sales teams will be felt in terms of the tools used and how those tools handle data. Under GDPR, individuals have the right to request companies disclose what information they hold about them and update, delete or stop processing this data. The right to be forgotten is a key change, but the other changes are no less significant.

"GDPR demands a global shift in thinking with respect to the collection and treatment of personal data," said Luis Franco, vice president of international business operations at SurveyMonkey, based in San Mateo, Calif. "In simple terms, businesses don't get a free-for-all mandate to use personal data as they please when they get consent. Businesses don't own the personal data -- the citizen does."

GDPR compliance plans  for Salesforce should include the ability for salespeople to erase or suspend customer contact data, including any enriched data. Sales teams must ensure their Salesforce instance can disclose where data is stored and how it is secured.

"This includes both data at rest and in transit. Even tools or browser plug-ins that sales teams use must be audited to understand how they process, store and transmit data," said Srivatsan Venkatesan, head of product at rival CRM vendor Freshsales, based in San Bruno, Calif. This goes for apps, too: As many sales tools and plug-ins are free and easy to use, sales teams should be careful that they are not inadvertently using tools that are not secure.

Adopt Lean data practices

GDPR demands Lean data practices, clear processes and transparency, which can be a challenge in the CRM space, where data is instrumental in driving sales and growth. Many businesses use personal data in CRM applications with other systems to enable marketing actions and campaigns. The impact of GDPR will require marketers to act smarter and focus on offering added value to prospects instead of relying on big volumes of contacts.

"We take the GDPR requirements very seriously and are working cross-functionally with all our teams to ensure our privacy standards are always first-class," SurveyMonkey's Franco said.

"We believe our customers come first, and our current company practices are built around this approach in terms of respecting users' privacy and all applicable privacy laws. GDPR gives us an opportunity to ensure that we do even better. In fact, we've used our own survey product to ensure that across the company, we're holding ourselves accountable to this approach."

B2B sales impact

The impact of GDPR on B2B companies will require some changes, too, though not to the same extent as their B2C counterparts, because they typically have a smaller number of customers. Different rules apply to business-oriented contacts, and they also automate a smaller share of the communication between sales and the customer.

B2B marketers can continue to solicit business contacts that have not actively opted in, as long as it is easy for those contacts to opt out. However, this does not always apply when targeting home offices, sole proprietors or business contacts using consumer email addresses.

"These segments are more likely to be treated as B2C and, thus, would require an opt-in," said Joel Carusone, director of data sourcing and partnerships at Radius, a San Francisco-based predictive marketing platform and Salesforce AppExchange partner.

To execute GDPR compliance plans for Salesforce, sales and marketing teams will need to work together to classify under which of the above categories their customers and prospects fall to determine whether or not they'll need to collect active consent to continue their email communications.

GDPR checklist

Manage leads carefully

The old go-to for many sales and marketing teams -- purchasing lead lists -- might not be as attractive if put through the rigor of Salesforce GDPR compliance. Businesses that rely on lists will likely see decreases in list size, as well as an increase in cost. The impact of GDPR will require data sets to include only individuals who have consented to receive marketing from third parties.

"Given the challenge with receiving this type of active consent, the belief is that purchased leads will be of lower quality," Carusone said. "Many businesses that rely heavily on third-party data sets are purchasing additional leads [early], with the hope of collecting opt-ins prior to the GDPR effective date."

Without the ability to send blanket marketing emails, salespeople will need to rely more heavily on personal outreach.

Everyone the sales team encounters will have to go through a vetting process before being added to the sales database. It won't be enough to collect a card at an event, scan the contact information and add it to the database. It will also be important to separate true marketing leads that have agreed to be contacted from other contacts in the CRM database.

Bring back the personal touch

It's easy to worry about the shrinking lead lists. But it may also be creating a more realistic view and pulse check on the contacts and accounts that exist within the CRM platform, said Gina Kang, vice president of marketing, North America, at MPP Global, whose entertainment e-commerce tools can integrate with Salesforce metadata.

In essence, the impact of GDPR will be the weeding out of people not interested in interacting with sales and marketing efforts and will force teams to focus on creating deeper engagements through a more personalized and segmented approach.

Without the ability to send blanket marketing emails, salespeople will need to rely more heavily on personal outreach.

"It will be crucial," Kang said, "for sales, marketing and account management [and] support to create a comprehensive and coordinated effort to get their contacts opted in all around and aware of when and how their data will be used so that a mutually beneficial value exchange can continue to occur."

Next Steps

GDPR compliance requirements are about governing personal data

Dig Deeper on Customer data management