Are SMEs More Likely to Fall into the Bear Trap of GDPR?

GDPR affects everyone from large corporations to SMEs. It’s a complicated set of regulations, and the consequences of falling fowl of them are pretty astronomical. Up to 2% of your business’s global annual turn-over in fines, to be exact… And the possibility of a prison sentence.

While the regulations apply to everyone, recent research from the Federation of Small Businesses has shown that not only are a substantial number of SMEs not prepared for 25 May, but they are also more likely to be in conflict with the new regulations. But why?

Lack of Knowledge

SMEs, especially those who DON’T work in marketing, are less likely to be aware of GDPR. In fact, at the end of February this year, the FSB reported that 90% of SMEs in the UK weren’t prepared. While GDPR doesn’t just apply to marketing, marketers are more likely to be aware of it because it directly affects what they can do for themselves and for their clients. But it appears that most SMEs are relying on their agencies or solicitors to inform them of what they need to do, which brings a new set of problems.


The start of something big. Find out more about our marketing strategy expertise.

Lack of Resources

Speaking to marketing agencies and (especially) a solicitor is a pretty good move since they’re more likely to be able to provide some guidance on whether or not your business will need to make some changes on how you handle data. But the reality is that a lot of SMEs don’t use marketing agencies, and solicitors are guaranteed to burn a rather large hole in your pocket.

In addition to external advice, all companies need to consider compliance. GDPR states that there MUST be a Data Protection Officer if your company is a public authority or you carry out certain types of processing activity. This officer must be someone who can discuss data usage or handle requests for data to be deleted, etc. In a large corporation, taking ownership of something like this is far easier because individuals roles are more clearly defined. In SMEs, employees are more likely to have a wider range of responsibilities, so the lines can be blurred. Further, it might not always be beneficial to have too many people involved in compliance.

Lack of Data

The upside of GDPR is that your contact database will now only include people who really want to hear from you. You will have a captive audience to speak to. The issue arises if you see your contact database decreases when people opt-out of communications from you. It can be scary to see your database halve in size. But the best thing to do is keep thinking of the pro-active and willing audience you now have at your fingertips.

GDPR is likely to completely shake up the way businesses market to their target audience. This is a moment to pause and consider who you have been marketing to, how you have been communicating with them and what message you have been using. A healthy review will, in the end, focus your attention on improving your communications and should lead to more and better business. It will also weed out those who are just taking up space in your mailing list. There’s more than one way to market to your customers– and our Elastic approach as a multi-disciplinary agency can help you with just that. If you’re looking for a new and exciting way to keep in touch with your customer base, get in touch and see how we can help.


Get in touch today