Check out our latest product updates!
Share this
15 May 2018

Data protection compliance on a budget: How to reassure your clients when it comes to cost

According to stats from March 2018, fewer than 10% of businesses were ready for 25th May’s General Data Protection Regulations. Those that are prepared are concerned about cost too - the Federation for Small Businesses reports “its members say they spend seven hours a month on data protection compliance, at an average cost of £1,263”.

Marketing agencies talk about budgets with their clients all the time, but it can be a sensitive subject when no one’s quite sure what GDPR means or what it will cost. Here’s how to reassure your clients, and make sure staying compliant doesn’t eat into their digital marketing budget too much.

Be clear on what is and isn’t their responsibility

One of the easiest ways to overspend is to try and prepare for every aspect of GDPR, even when it’s not particularly relevant.

There’s so much information out there - the Information Commissioner’s Office alone has reams of information - that small businesses often hand over responsibility to an expensive service or specifically hire a Data Protection Officer, even when it isn’t legally necessary. There are also quite a few GDPR myths floating around. For example, businesses only need to report a data breach to the individuals affected “if it’s likely to result in a risk to people’s rights and freedoms”.

The main priorities for small businesses are understanding which of the six lawful bases for processing data they use:

  • Consent
  • Contract
  • Legal obligation
  • Vital interests
  • Public task
  • Legitimate interests

They might not all apply to an individual clients’ data, businesses just need to pay attention to the most relevant. Your clients need information before they start writing cheques and hiring ‘experts’.

Demonstrate how they can benefit from new privacy rules

After two years of discussion and dissection, the GDPR can feel like it’s all cost, time, and stress, even when the responsibility is shared between a few different people in an organisation. Now the deadline is fast approaching, digital marketing practices will have to change, but that doesn’t mean your clients can’t continue to reach new audiences.

Trust and transparency

Opt-in rules will change the way you can gather and use data for your clients. Some are pessimistic and see it as a huge roadblock, but they’re missing the massive opportunities that are right in front of them. With less noise in people’s inboxes, and more of an engaged audience in your database, the ability to turn leads into conversions can increase dramatically with smart email campaigns and clever digital marketing strategies.

The post-GDPR myth


The phrase ‘post-GDPR’ is used a lot, but the reality is there won’t be a clearly defined period after 25th May where everything suddenly changes. The way data is collected and used will continue to evolve and businesses will find their own way to benefit from data privacy regulations. Your clients are currently likely to be concerned by the new laws, but once they’ve implemented them, it’s all about growth from 25th May onwards.

Show them how to save time and be compliant

All these new rules and responsibilities must mean hours of work and extra resources? Not necessarily. Automating the process can really speed things up without cutting corners. worked with Startupbootcamp, the world’s largest network of innovative programs, to help them become GDPR-ready. The business holds a massive amount of global data and has worked with more than 600 companies, so they needed multiple systems to audit, manage and track data with the highest possible security.

Startupbootcamp are now GDPR-ready, can update their third party contracts, and store everything securely and accessibly. This saved approximately £22,000 in setup costs, 220 days of work due to automation of processes, and 560 days of work to fulfil GDPR-based data requests. 

When time is inevitably money,’s tools and solutions can make GDPR readiness almost entirely automatic.

Find out from the experts how to make sure your clients are confident they’re GDPR compliant.’s CEO, Julian Saunders, will guide you through 4 easy steps any business can take right now.

Watch the Webinar

Picture of Chris


Read more posts by this author.

Read More