Do you use your phone as a sales tool?
The word “data” in General Data Protection Regulation may lead you to think that GDPR applies only to sales teams who rely on email, social media, or other online sales tactics.
That’s not true.
If you use electricity to contact European prospects or collect their information, you’re not exempt.
That mobile phone of yours needs electricity - so you need to be aware of your GDPR responsibilities when making sales calls to European prospects and leads.
GDPR isn’t just about how you contact people. It’s about whether you have permission to do it.
You need to be aware of GDPR compliance now - as the legislation comes into effect on May 25. GDPR aims to give Europeans more control over their data, including the right to know where a business got their data, the right to withdraw consent, and the right not to be contacted without consent.
That last point is the one that will affect cold callers, and the price of non-compliance is steep. Companies that violate GDPR will be fined €20 million Euros or 4 percent of global turnover, whichever is higher.
It’s a big risk for any sales organization to go blindly into GDPR, but the law can seem intimidating and vague. With that in mind, we’ve been writing simple, practical guides to help sales managers and their reps prepare for life after May 25.
(We’ve already dedicated an entire article to explaining the GDPR email marketing responsibilities that you and your sales team should read and understand.)
We’ve boiled the legislation down to five relevant points:
If you’re a sales manager or a salesperson who relies on cold calling, read on.
We don’t want to tell you to stop cold calling immediately.
We want to give you the information you need to stay on the right side of the law.
Like cold email marketing, cold calling comes under the ‘unsolicited communications’ area of the legislation.
This means sales teams will have to ‘warm up’ some of their sales calls to develop more helpful, prospect-friendly practices.
Sales can work directly with marketing to qualify leads before the sales team makes contact. The marketing team can use lead generation programs to warm up prospects and gather the required permissions through web forms so that a salesperson can reach out on a call. Offering value in the form of a demo or expert consultation makes this permission easier to generate.
This will thin out your sales team’s pipeline. But don’t let that freak you out.
Sales teams are more successful when they are able to focus on a small number of quality leads, rather than trying to close deals with a lot of mediocre leads. Dumping colder leads prior to any sales contact helps you stop neglecting hot leads.
You can also contact existing customers to offer them products and services related to what they’ve bought from you in the past. You’re adding value. That’s a legitimate reason to call.
On those calls, you may also ask for permission to email a prospect, but when you do, you should then immediately follow up, sending a an email to the prospect documenting the nature of your call and what they agreed to.
If you do use web forms to gather permissions, don’t request a phone number from a prospect unless you will need it. This will minimize your risk under GDPR.
You don’t want to collect superfluous data because you could be held accountable for it: what you’ve collected, how you store it, and who has access to it. The less you collect, the less risk to you.
Now is the time to ask yourself some questions about the data you’re collecting: do you really need to know the education level of a lead or what position your prospects hold at work?
Only collect data you have a reasonable need for, in case you later have to defend that need.
Aside from just GDPR compliance, there is a good business case for this — minimizing the data collection process for a salesperson makes their job easier, cutting down the time they spend on administrative tasks, and giving them more time to chase down quality leads.
And you must always give your European prospects the option of deleting or requesting their data under the GDPR (but this is good practice for all of your prospects).
Let’s start by looking at some of the explicit rules about using data for cold calling.
Article 6 of the law says organizations can legally use someone’s personal data for six reasons:
Sales teams will want to pay most attention to the first and last bullet points; if someone has said it’s okay to contact them with information about products and services, you can contact them about the products and service they agreed to.
That’s pretty straightforward, so long as you’ve followed the rules about opting in (pre-ticked boxes and not saying no will no longer count as consent, for example.)
The last bullet point means that as long as you have “legitimate” business interests — you’re selling a product or service to an appropriate prospect — you’re allowed to cold call, so long as your right to promote your product isn’t overridden by your prospect’s desire not to be contacted. In fact, according to Pipedrive’s GDPR expert, Martin Ojala, Recital 47 of the GDPR explicitly says direct marketing can be considered a legitimate interest.
In order to claim that your direct marketing efforts are a legitimate business interest, you must do something called a “balance test,” which weighs your right to do business against the prospect’s right not to be called.
Ojala explains the considerations relating to cold calling:
“In this context, you should consider whether you have a valid reason to believe that the person is interested in what you’re selling. If they are interested, then they will likely not feel that their privacy is violated to a great extent and this means that your ‘legitimate interest’ will prevail.”
On the other hand, if you’re trying to push your product onto an elderly person, or someone who is mentally disabled, their right to not be distressed overrides your right to call them. Or if you’re just cold calling whatever numbers you happen to have, without knowing if the person on the other end of the line has any interested, you’re very much at risk of being reported as a nuisance.
This brings us back to our central question: will you be able to cold call after May 25?
Are there any instances when a salesperson can call a prospect who is not a customer without their documented explicit consent?
For B2C operations, says Ojala, the answer is a firm no.
For B2B sales teams, the answer is a little more complicated...
“I would draw a parallel to the justification for being able to consider marketing to your own customers as a ‘legitimate interest’. The reason for this is that you have good reason to believe that the party is interested.”
Why might you have legitimate interest?
Companies often list contact information for certain personnel on their website for various business propositions. This gives you a good indication it’s okay to call the relevant person to have a sales conversation about something related.
It’s important to note that a person’s work address still counts as personal data, but being listed on a website or elsewhere for the purpose of being contacted for sales/marketing communications has some characteristics of consent. It often lacks others though, namely that of ‘specificity’ says Ojala. You still need to tread carefully in this regard.
If a business card was given to salesperson at an in-person meeting, does that imply consent?
Ojala suggests this situation may pass the balance test.
While the exchange of a business card alone does not imply consent, the sales rep must use their judgment to determine the context of the interaction before taking on the responsibility of making the call.
If you feel sure the prospect would see potential value from the conversation based on your previous interaction, you have an implication of passing the balance test to contact them within your ‘legitimate interests’.
As with many things in GDPR, this type of situation must be judged on a case-by-case basis.
We cannot give you a hard and fast rule.
It can be difficult for sales departments to ‘comply’ with GDPR.
There aren’t any concrete rules to shape a company’s cold-calling policies; no checklist of what you should and should not do to avoid running afoul of the legislation, and — because it’s so new — no existing best practices.
Sales managers will have to develop their own processes to manage the risk of GDPR violation.
Does that mean that cold-calling should be shelved as a sales tool?
Of course not — you just have to accept that any unsolicited contact with a prospect is a risk.
If a salesperson thinks a prospect will be interested in receiving their call, they might feel comfortable taking that risk. There aren’t GDPR police wandering around, checking to make sure no one is cold calling. No punishment will be levied against a business unless the recipient of an unwanted cold call reports it.
For sales reps using cold calling regularly - GDPR will be about balance. You have a right, under the law, to market your business. Sales teams that can effectively balance that right against their prospects’ rights and interests will be fine.
They will have considered whether the prospects they are calling are actually interested in their products and services, rather than blindly reaching out to everyone they can.
And that’s just good sales practice.
If there’s one piece of advice we can leave you with it’s this:
Take the chance to make sure your sales and marketing practices are helpful for your prospects, leads and customers.
That’s the intention of the legislation, and it should be the intention of any sales manager looking to build processes for fast, sustainable growth.
Qualify your leads before you call and you’ll maximize the efficiency of your sales team by focusing more time on the right prospects.
Start or continue the conversation with like-minded sales and marketing professionals on our Community.Join our Community
How to calculate incremental sales and what it means for your business
Marketing is all about supporting and improving sales outcomes. By measuring incremental sales, marketing teams, sales managers and business owners can better understand the success of their promotional activity and direct future investment accordingly.
How to calculate sales volume variance and why it’s important
How can you calculate sales volume variance and what does it mean to your business? In this guide we explain what factors can impact sales volume variance and the formulae you need to measure it.
A Guide to Email Marketing Regulations: Consent and GDPR
If you’re an email marketer, you need to get verifiable consent from your email users. In the EU (or marketing to the EU), you need to follow GDPR. Read our guide to make sure you know the rules and regulations.