Press "Enter" to skip to content

What GDPR means for commercial printers

Antony Paul, Neopost Head of Enterprise Marketing, points out that for commercial print providers, GDPR represents much more than just a strengthening of the Data Protection Act. It brings in the requirement for written contracts between data controllers and data processors (i.e. a print provider that processes PII, such as a name and address).

“The ICO (The Information Commissioner’s Office) provides guidance on what contracts should cover, but essentially they are there to ensure that all parties understand their responsibilities and liabilities and to ensure that everything is documented. This could include details relating to the type of personal data being processed, why it is being processed and when the processing will be completed,” he said.

In addition to the need for written contracts, data controllers must ensure that any data processor used can show that they, too, are compliant with GDPR. If they are not and there is a data breach, the controller, as well as the processor, could be liable for fines or other sanctions. A print provider that handles a client’s customer data (e.g. a mailing list) may also have to submit to an inspection or audit.

“A further consideration for printers that sub-contract work, for example the mailing and insertion of catalogues and magazines, is the need to get the same guarantees from any supplier they use, along with a written contract and consent to the arrangement from the data controller,” explained Antony.

As onerous as these requirements are, Antony is adamant that commercial printers should view GDPR as an opportunity to win additional business by helping customers with their compliance initiatives.

“There are plenty of ways in which printers can use GDPR to their advantage,” he said. “The key is to understand what your customers’ concerns are and then identify how you can help. For example, you could make the most of your expertise in printed communications by helping them gain, renew and manage permissions and opt-ins through printed communications. This is not a one-off process and could be provided on an on-going basis. Now is also the perfect time to promote the benefits of direct mail. Already undergoing a resurgence due to the popularity of personalised communications, direct mail is viewed with less suspicion than some digital communications and is arguably easier to control.”

Due to the nature of their business, commercial printers have expertise in many different areas, from printed communications to data management to document management. GDPR could be the catalyst they need to raise awareness of their capabilities and win more business as a result.

Please follow and like us: