B2B Data Protection Rules and Regulations 2021
Posted: Wed Dec 04, 2024 10:15 am
As we move into the next decade, countries around the world are following the EU’s lead and implementing stricter data compliance laws, with tough penalties for companies that don’t comply. If you work directly with businesses (B2B), it’s critical that you know what you can and can’t do with their data.
But don’t panic. I’m Megan Bennett, Chief Compliance Officer at Cognism, and here’s my guide to the latest trends in B2B data compliance.
Current data compliance laws.
The GDPR
The most well-known data compliance law, especially in the UK, is the General Data Protection Regulation or GDPR . It came into force in May 2018 across the EU and EEA.
The goal of the GDPR was to give citizens greater control over their overseas chinese in europe data personal data, as well as to establish ways in which companies must process and protect the data they hold about their customers.
GDPR rules on processing personal data apply to B2B companies. But these companies can still carry out marketing activities such as cold calling or emailing, if they can prove their "legitimate interest."
Penalties for failing to comply with the GDPR are severe, with a maximum fine of €20 million or 4% of the previous year's global annual turnover, whichever is greater.
CASL (Canadian Anti-Spam Legislation)
In other parts of the world, such as Canada, there is CASL, which stands for Canadian Anti-Spam Legislation. CASL refers to email marketing and applies to all emails sent to Canadian residents as part of commercial activity.
The key feature of CASL is that recipients must give consent to companies before they are emailed. Implied consent can be used to send unsolicited B2B emails if the person's email address is publicly available (e.g. on company websites) and is not accompanied by a statement confirming that they do not wish to receive email marketing at their business email address.
If the person's email address is not publicly available, B2B companies should ensure that they only contact customers or prospects who have given their consent.
Another provision of CASL is that a clear unsubscribe option must be included in all marketing communications.
Penalties under CASL legislation can be severe. Maximum fines are $1 million for individuals and $10 million for corporations per violation.
CAN-SPAM
In the US, the CAN-SPAM Act governing commercial emails has been in effect since 2003. CAN-SPAM dictates that marketers cannot be dishonest when sending electronic messages. It also requires them to provide an unsubscribe feature in their emails and to act within ten days. There are no exceptions for B2B marketers.
CAN-SPAM enforcement is primarily enforced by the FTC (Federal Trade Commission). The FTC has the power to impose fines of up to $16,000 per email that violates CAN-SPAM.
New and upcoming data compliance laws
With the GDPR, the EU set a standard for data compliance that other states and countries now want to follow.
But don’t panic. I’m Megan Bennett, Chief Compliance Officer at Cognism, and here’s my guide to the latest trends in B2B data compliance.
Current data compliance laws.
The GDPR
The most well-known data compliance law, especially in the UK, is the General Data Protection Regulation or GDPR . It came into force in May 2018 across the EU and EEA.
The goal of the GDPR was to give citizens greater control over their overseas chinese in europe data personal data, as well as to establish ways in which companies must process and protect the data they hold about their customers.
GDPR rules on processing personal data apply to B2B companies. But these companies can still carry out marketing activities such as cold calling or emailing, if they can prove their "legitimate interest."
Penalties for failing to comply with the GDPR are severe, with a maximum fine of €20 million or 4% of the previous year's global annual turnover, whichever is greater.
CASL (Canadian Anti-Spam Legislation)
In other parts of the world, such as Canada, there is CASL, which stands for Canadian Anti-Spam Legislation. CASL refers to email marketing and applies to all emails sent to Canadian residents as part of commercial activity.
The key feature of CASL is that recipients must give consent to companies before they are emailed. Implied consent can be used to send unsolicited B2B emails if the person's email address is publicly available (e.g. on company websites) and is not accompanied by a statement confirming that they do not wish to receive email marketing at their business email address.
If the person's email address is not publicly available, B2B companies should ensure that they only contact customers or prospects who have given their consent.
Another provision of CASL is that a clear unsubscribe option must be included in all marketing communications.
Penalties under CASL legislation can be severe. Maximum fines are $1 million for individuals and $10 million for corporations per violation.
CAN-SPAM
In the US, the CAN-SPAM Act governing commercial emails has been in effect since 2003. CAN-SPAM dictates that marketers cannot be dishonest when sending electronic messages. It also requires them to provide an unsubscribe feature in their emails and to act within ten days. There are no exceptions for B2B marketers.
CAN-SPAM enforcement is primarily enforced by the FTC (Federal Trade Commission). The FTC has the power to impose fines of up to $16,000 per email that violates CAN-SPAM.
New and upcoming data compliance laws
With the GDPR, the EU set a standard for data compliance that other states and countries now want to follow.