Propel & GDPR
As a PR professional, you have likely heard of the General Data Protection Regulation (GDPR), which is the EU’s regulation for protection of personal data of EU residents. GDPR is a comprehensive set of laws passed in May, 2018 that affect EU businesses but also businesses outside of the EU that control or process EU residents’ data. If you are a PR agency that is based in the US and predominantly pitches US-based journalists, but even occasionally pitches any journalists or influencers that are EU residents, GDPR applies to you.
Compliance with GDPR is complex and requires specific handling of contact information and personal data of each journalist or influencer that is an EU resident. Certain requirements relevant to media relations professionals include:
The ability to permanently delete all of a contact’s personal data across all media lists and company records (including email, phone, notes, pitching history from your records), if a journalist so requests. In some cases, you are required to do this within 30 days of receiving the request from the contact.
Tracking the lawful basis of processing (i.e. the reason you have the right to use a journalist’s data and pitch her) for each contact.
Offering recipients of your pitches the ability to opt out. This means that a reporter must be able to “unsubscribe” to receiving pitches.
Providing a copy, upon request from a reporter, of the personal data that you have about him.
Being able to modify, upon request from a reporter, any personal data you may have in every place you may have it, such as phone number, email, etc.
For firms storing reporters’ data (whether email, phone, notes, etc.) across dozens or hundreds of media list spreadsheets, GDPR compliance may be exceedingly difficult or even impossible. Centralizing all of your firm’s contacts within a PR CRM system is an important step toward making compliance easier. Having a PR CRM system enables your firm to have a master, centralized record of each reporter or influencer you have pitched or plan to pitch – across the whole firm. As such, the actions listed in the bullet points above required by GDPR can be accomplished firmwide with significantly less effort.
Propel is committed to providing tools to PR firms and in-house PR departments that make GDPR compliance easier. The very nature of a centralized PR CRM such as Propel makes compliance significantly easier for PR professionals. That said, Propel has decided to take it even a step further, and build a specific GDPR-specific suite of tools offered in our Premium and Enterprise plans. These tools enable easier compliance with GDPR.
To learn more about how your PR firm can become GDPR compliant, please email our public relations GDPR expert Zach Cutler, at firstname.lastname@example.org.