Chris Combemale, executive director of the Direct Marketing Association, explains to Talk Business Magazine why good data is the key to effective direct marketing for business, and why companies must pay attention to data collection and security to avoid losing customers – or worse

At first sight, it may appear to be a formidable task, but becoming acquainted with data protection law and established standards of best practice are the first steps towards encouraging your customers to entrust their data with you.

The golden rules

1). Data protection – The first place to start is ensuring your business complies with the law. The Data Protection Act 1998 is one of the most important pieces of legislation you must follow.

The Act contains at its core, eight key principles that must be adhered to, stating that personal data must be (1) fairly and lawfully processed; (2) processed for specified and limited purposes; (3) adequate, relevant and not excessive; (4) accurate and kept up-to-date; (5) not kept for longer than necessary; (6) processed in accordance with the rights of data subjects; (7) protected by appropriate technical and organisational measures against unauthorised or unlawful processing and against accidental loss or destruction, or damage, and finally (8) not transferred to a country outside the European Economic Area unless it has adequate levels of protection for personal data.

2). Transparency – Your customers want to know how you will use their data. When requesting personal details, always make it clear what the data will be used for, whether it will be passed on to third parties, how long it will be kept for and how often that person will be contacted. Also ensure you state that you adhere to best practice and how strict your data procedures are.

3). Data capture – Under the Data Protection Act, you can only collect data that is relevant and not excessive to your processing requirements. When capturing data, simplify the process of providing details by keeping questions short and pre-populate data wherever possible by saving details or using address finders. Always remember that sensitive personal data needs to be captured correctly on an opt-in basis and updated where necessary.

4). Caring for personal data – Your business must take appropriate technical and organisational measures to protect the security of your customers’ data. For example, you should consider password protecting and encrypting the data to limit access to relevant personnel only.

5). Receipt and transfer of data – Ensure everyone in your business understands their responsibilities regarding the transfer and storage of data. Classify data so that individuals can recognise its importance and sensitivity. Send data via electronic methods, where possible, and ensure it’s encrypted for security. Passwords should be sent separately.

6). Hire an expert – If you require complicated data systems and processes, and you don’t feel your own software will be able to do the job, then you should consider hiring a data company that will be able to process your data more effectively leading to better results…

Read the full feature in our November issue or in the digital edition by clicking here.