Picto Dropcontact - half round yellow and greenPicto Dropcontact - Shapes straight

The General Data Protection Regulation (GDPR) in B2B

Cold email prospecting is possible. But there are rules to follow. Cold Email, Cold Call, approach on LinkedIn.... Don't forget GDPR. All the rules to follow

The first question you ask yourself when developing your business is whether you can do email prospecting.

The answer is not so obvious 😉

GDPR and email marketing

GDPR and B2C prospecting

In B2C, cold calling by email is strictly forbidden.

All emails must be opt-in. Each recipient must have explicitly agreed to receive an email.

There are several ways to give consent to the use AND resale of your data

  • Via a registration form and validation of the general conditions
  • By subscribing to a newsletter, by specifically ticking the box that the email and associated data will be used or sold to a third party or partner.

However, you may not, under any circumstances, email a person without their consent. This is strictly forbidden by the GDPR.

It is therefore essential to know the source of your B2C data before launching any commercial approach.

GDPR and B2B prospecting

In B2B, the CNIL recommends that you opt-in. This is a recommendation.

Nevertheless, a few rules must be followed: The person being canvassed must have a legitimate interest in being canvassed.

For example, if your business is selling computers, then it is perfectly legitimate to prospect for IT managers, companies that have a need for computers.

However, if your business is catering and selling meals at home, then it is not legitimate to address employees of a company to their work email address. This is a "personal" activity with no connection to the company's activity: the interest is for the employee as an individual.

But, if your catering business offers a lunchbox machine to be installed in the company then it is legitimate.

The CNIL has recently sanctioned for these reasons.

The nuance is important, it is what gives you the right or not to prospect companies that have not explicitly given their consent prior to the sending.

In any B2B email prospecting process, it is essential that your contact can easily and immediately unsubscribe.

Cold Email: rules to follow
Cold Email in B2B: Easy unsubscribing is a must

👉🏻 GDPR : can we send prospecting emails

👉🏻 Going further: CNIL: commercial prospecting by e-mail in B2C and B2B

GDPR and data enrichment in B2B

Having a contact is good. To be able to enrich it with all the useful data such as its professional email address or its telephone number is better.

Currently, to enrich a contact, all the solutions on the market constitute databases to enrich your contacts, leads or prospects.... And your contacts are probably used to enrich those of others 🌀

All of them... Except Dropcontact which uses NO database to find the email and enrich it.

Dropcontact relies on proprietary algorithms and test servers.

With each search, the algorithm is launched to enrich your data without having to search any database.

If we talk about databases, today LinkedIn has the largest and most up-to-date database ~450/ million profiles regularly updated by the users themselves. That's all there is to it!

But can we store data or "retrieve" and extract data from LinkedIn?

GDPR and B2B database

A few years ago, you could scrape en masse. Several companies have done this in very large masses: tens, even hundreds of millions of profiles scraped from LinkedIn.

These companies have finally built a copy of LinkedIn. Do you see the problem? 🤨

Other companies have found a quick "and efficient" way to build up personal databases: third-party extensions or applications (personalised contact directories, extensions, chrome...). By installing the application or extension, without even realising it, you "accept" the terms and conditions, including the sharing and resale of information from your email inbox, calendar, or other directories: first name, last name, personal telephone number, postal address....

Since March 2019 Google has, among other things, blocked such extensions. These techniques are now more complicated to implement.

This data stored at .... was obviously intended for resale...

Storing a nominative database and reselling it is strictly forbidden by the CNIL and the GDPR.

Today, some companies are buying up these databases on the dark web 🤐 Beyond the ethical problem, it is above all a question of concealment.

Concealment is the act of concealing, holding or transmitting a thing, or acting as an intermediary to transmit it, knowing that the thing is the product of a crime.

The fact of knowingly benefiting, by any means, from the proceeds of a crime also constitutes concealment, which is the offence provided for in Article 321-1 of the Criminal Code.

For several months now, the hunt in the Dark Web is on and these actors are starting to "fall".

You may not resell or transfer this data without a mandatory opt-in for resale: that is, a conscious and explicit agreement to resell the data to known and validated partners.

Have you already checked whether your contact data are in these databases? Have you ever explicitly given your consent to their resale?

It is quite clear that very (very very!) few people still give their consent to the resale of their data.

All data that is purchased in this way is not GDPR compliant.

It is important to remember that there is a chain of responsibilities and that each link in the chain must know the source of each of the data used in the prospecting: reseller AND buyer.

Once the ethical and legal issues have been addressed, there is another major problem with the storage of contact data: data obsolescence.

In 2021, the obsolescence rate of professional personal data is about 33%.

And this figure does not take into account the Covid crisis. The crisis has led to an explosion in the number and speed of company changes.

Data obsolescence is accelerating globally.

At Dropcontact, we do not have a contact database:

  • No problem of data obsolescence, all data is provided through algorithms and real-time test servers.
  • 100% GDPR compliant.
Survey, GDPR and data freshness
GDPR and fresh data = a win-win situation

🍒 A little icing on the cake, Dropcontact can now identify the validity or not of Catch-Alls. Dropcontact is the only solution to crack this well known problem for Sales, Marketing and Growth teams.

And it's not over...but

Stay tuned - Dropcontact

To go even further 🧨

Picto Dropcontact - Half round pink and orangePicto Dropcontact - Blue leaf

Let's Get Started!

Don't waste a single minute on your CRM data!