Best Practice

A Marketer's Guide to the General Data Protection Regulation (GDPR)

By Donna-Marie Bohan,

The aim of this report is to help demystify the GDPR for marketers, disseminate the findings from Econsultancy’s ‘Marketers and the GDPR: Are you Ready?’ survey and provide a clear action plan for how marketing teams can become GDPR compliant. 

It is critical that marketers understand how the GDPR affects them directly, along with navigating key risks, benefits and changes to workflow. Many of the GDPR’s main principles are similar to those in the current Data Protection Act (DPA) that is based on an EU directive, so if you are complying properly with the current law then most of your approach to compliance will remain valid under the GDPR and can be a useful starting point to build from. However, there are a number of new concepts and developments that you will have to consider for the first time.

The report sets out to:

  • Highlight research findings from Econsultancy’s ‘Marketers and the GDPR: Are you Ready?’ survey
  • Present the views and insights about the GDPR from a range of Data Protection Officers, consultants, trainers, trade bodies and policy and compliance experts
  • Offer actionable insights and guidance to ensure your marketing practices comply with the new rules set out by the regulation and to prepare you on your journey to compliance 
  • Answer common questions and clarify misconceptions about the GDPR

The report is based on a survey of over 1,000 client-side and agency-side respondents in the UK.

In addition to the survey, a mixture of face-to-face and telephone interviews were conducted with a number of people. Econsultancy would like to thank the following people in particular for their contributions to this report:

  • Catherine Armitage, Senior Manager Public Affairs, Digital Governance Exchange at World Federation of Advertisers (WFA)
  • Duncan Smith, Econsultancy trainer and Director of iCompli Limited
  • Hellen Beveridge, Privacy Lead at Data Oversight
  • Micky Khanna, Founder of Prosults Ltd and
  • Richard Merrygold, Director of Group Data Protection, HomeServe
  • Ruben Schreurs, Managing Partner at Digital Decisions
  • Tim Roe, Deliverability and Compliance Director, RedEye International Ltd
  • Yves Schwartzbart, Head of Policy and Ad Tech, IAB UK
  • Anonymous Data Protection Officer at an insurance company

Contributing Authors


Donna-Marie Bohan

Research Manager, Econsultancy

More reports from Donna-Marie Bohan

Table of contents

1. Introduction

  • Methodology
  • Executive Summary
  • About Econsultancy

2. An Overview of the Regulation

3. The Major Implications for Marketers

4. How to Prepare - Your Roadmap for Compliance

5. The Challenges of Compliance

6. The Opportunities and Benefits

7. The Future of Marketing in a Post-GDPR World

8. Training, Education and Resources

9. Appendix


  • Pdf Disabled A Marketer's Guide to the General Data Protection Regulation (GDPR) (7.08 MB PDF)

Access the full report

Econsultancy subscribers have full access to all our online research as well as a host of other services designed to help save you time, make better decisions and look smart in meetings.

Learn more and buy today