Filter by/
Region/  All
Type/  All
Sorted By/  Most Recent

The really useful GDPR resource: your definitive guide

By / / In Best practice /
Here it is! Everything you need to know about the GDPR, from what it is to how it affects you and your brand/business – wherever you are in the world. We have put together a full GDPR resource – a complete guide to the General Data Protection Regulation and how to make sure you comply with the new law, both before and after its enforcement date, 25 May 2018.
GDPR resource

We’re still getting asked here at the GMA about the best sources of information on GDPR. Not the doom and gloom opinion pieces that proliferated in the run-up to the May 25th enforcement date, but the actionable, do-something-about-it, make-it-work type of content. A full GDPR resource for you to refer to when you need information quickly, or to study more deeply over time.

So here you are, The Global Marketing Alliance’s ‘best of GDPR’ page for your perusal and satisfaction. We hope it helps.

And if you want to share your know-how on the subject and get a great piece of content added to this GDPR resource, please email and, if we reckon it ‘has legs’ and adds true value for our knowledge-thirsty readers, we’ll run it as quickly as we can.

Meanwhile, if you think this is all really useful info – and we hope you do – please forward, like, share and otherwise distribute it, so as many people as possible can benefit, too. Thanks!

Here’s the big kahuna!

For those of you with lots of spare time and an unnatural liking of EU technobabble, here is the full legislative document – click that link to view all 99 chapters of legislation and 173 Recitals (interpretation and reasons for various aspects of the legislation).

Our GDPR resource and The Official Stuff:

Whatever you read below and elsewhere, it makes sense to make sure you have digested the official GDPR perspective from the ICO.

In particular, the ICO’s 12 steps to take now for GDPR is a useful GDPR resource, as are detailed guides such as this one on GDPR consent.

We rather like this European Commission interactive infographic. It’s kind of fun and a great introduction – and ideal for sharing with people at all levels in your business who need a quick intro.

Finally, this is a must-read: UK Information Commissioner Elizabeth Denham’s own myth-busting article on GDPR.

Key influencers on GDPR you should know about

  1. Responsible for guiding policy for online advertising as it relates to GDPR: Yves Schwarzbart, Head of Policy, IAB @yvesldn  @IABUK
  2. Privacy and technology expert Gilbert Hill, London Tech Advocate spokesman and and GDPR trainer gilbertmhill
  3. GDPR Author and trainer Maurice Flynn, GDPR lead at DECCO, @MauriceCFlynn
  4. Rupert Graves, CEO Adunity and pi compli and IAB committee member@AdUnityEU

These are our choices, based on real people we know, but others have assembled key influencers based on share of voice in social. We like this summary of GDPR influencers.

As well as creating this definitive GDPR resource of relevant names and weblinks to guide you through myriad information on the subject, we have also created the RISE Power 100 GDPR scorecard. It’s based on Klout scores which is heavily twitter-focused so existing networks, size of organisation and knowing how to ‘game’ the system means it’s not perfect. It is interesting though, take a look: GMA GDPR Power 100

GDPR resource

Click image to view full size.

And we think this site – The Data Protection Network (DPN – a GMA Network partner) – offers some of the best, no-nonsense advice out there when it comes to GDPR. It’s also free, although you do need to create an account to access some of the content. Check out the Data Protection Network Compliance Ladder (click the picture on the right to view it) and also visit this page for guidance on GDPR profiling: what you need to tell your customers – and, especially, visit this page for info about Legitimate Interests.

GDPR resource

Click here to view the Global-Z guide.

The DPN’s Rosemary Smith (co-founder/director of Opt-4, which offers GDPR advice and training) has edited the Global-Z practical guide for global businesses on GDPR. Across some 70 pages, it gives chapter and verse on the regulation for companies that market to or collect data about individuals in the EU. Check out the guide by clicking on the image (left). Global-Z – based in the US – has a whitepaper titled, ‘6 Steps to Prepare Your Customer Data for GDPR’, which also offers invaluable guidance for companies that hold data on EU individuals on staying on the right side of the new law. Click here to view that whitepaper.

Rosemary Smith takes part in this hour-long webinar (below) on Legitimate Interest – is it appropriate, is it lawful, is it a get-out-of-jail-free-card, how can you know for sure? The webinar was hosted by law firm Bristows and includes Stephen McCartney, DPO at Pearson Education. Under debate is the sentence, ‘Just because you can, doesn’t mean you should’. Take a look:


GDPR resource

Click on the image to download this GDPR whitepaper from Blue Sheep.

Smith also edited this GDPR whitepaper (image, right) from Blue Sheep – which is another really useful resource, full of vital information – download the pdf here

We also recommend that you check out this website, which is dedicated to giving a full run-down on the EU GDPR, and we have found this resource kit from Mailjet useful. Be aware, too that a full training course on being GDPR-compliant is available at the IAPP (International Association of Privacy Professionals).

And here’s another excellent resource, the GDPR Index, which gathers together companies, consultants, products and all things GDPR-related to help guide you towards full compliance.

We have also been contacted by Drew Fobbester, who has been holding seminars and workshops on guidance and compliance in the run-up to GDPR D-Day on May 25. He told us: “My one-day open seminars are brilliant (not big-headed or anything!). I take an innovation and efficiency/productivity approach and attendees/clients love it. But our short gap analysis questionnaire is a great way to start, at: to get a rough GDPR readiness score.” He also has a comprehensive ‘GDPR Made Simple’ toolkit to share with readers – just email him here: to view it.

Getting in touch also was Justin Fox at Cheeky Munkey, an IT support company which has produced an infographic on GDPR – as he explains: “We’ve designed it as an introduction to what’s quite a complex topic – it’s an overview of how data handlers can become compliant.”

And if you are looking for training, visit TeachPrivacy’s website – read some of the blogs there and the resources are useful too – click here for a good infographic. It was recommended to us by Nina Barakzai, group head of data protection and privacy at Sky – who was a speaker at our recent MINT Data Driven Marketing Summit, held in central London – check out what she had to say there, here and here.

Meanwhile, Jason Morris from emailed us, saying: “Doesn’t it seem like everyone is talking about GDPR at the moment? Marketers are left wondering, ‘What’s involved in GDPR? How do I now run my campaigns?’ But here’s the deal: If companies don’t get it right, it could lead to fines, bad publicity and lost customers.”

Inflowing – an ABM-focused agency based in Nottingham – offers answers to marketers’ questions in its ‘Ultimate guide to GDPR for marketers’. It’s a very useful resource – check it out, here.

The GMA has had a few things to say, too!

Our expert contributors at the Global Marketing Alliance have been writing about GDPR for some time. Here are some of the articles that we think give interesting perspectives on various aspects of the legislation:

Why US marketers must get up to speed to avoid a GDPR shock

The GDPR opt-in opt-out hokey-cokey – was that what it’s all about?

Data quality in focus: GDPR puts data professionals out front for commercial decision-making

Don’t risk GDPR non-compliance – put quality customer data at the heart of campaigns

Are you now GDPR compliant? If not, what happens next?

GDPR & protecting your customers’ personal information: what you need to know

GDPR: legitimate interest pitfalls & how to avoid them

GDPR new era dawns, changing your marketing for the better

May 25: GDPR will bite as big as it barks

Fresh from MINT – GDPR ‘an opportunity for data-driven marketers’

Effective email marketing – timing is everything to avoid GDPR unsubscribes

As GDPR implementation deadline looms, third of marketers in Europe and the US still don’t understand it

A GDPR revolution for location-based in-app advertising ‘to benefit consumers and the industry’

GDPR new data protection regulation is coming . . . are you sure you’re ready?

Into the future alongside GDPR – opportunities as well as challenges for online marketers

New privacy rules OK – how GDPR will affect data use in retail, automotive and financial services

GDPR & email: will the new regulation be the death of email marketing?

The Golden Quarter & GDPR – opportunities for marketers

As mist round GDPR lifts – 5 steps to help you keep calm and carry on

Focus on the merits of GDPR – rebuilding consumer trust

The top five GDPR myths . . . answered

SWOT up on data privacy: ‘think positive, it’s a GDPR opportunity not a threat’

B2B GDPR – a common sense view and workable expertise, at last

GDPR compliance: act in haste, repent at leisure

The marketing consequences of GDPR – who will be the winners and losers after May 2018?

The GDPR consent dilemma: is there an alternative?

GDPR and your data: check you comply . . . then check again

Elsewhere in the media

GDPR is certainly what everyone has been talking about, understandably – so here’s a few articles we can recommend.

  1. CMS Wire has an interesting perspective on the right to erasure (to be forgotten)
  2. Symantec discusses the effects of GDPR on companies that are not based in Europe
  3. Solutions providers discuss compliance and how prepared companies are for the new regulations
  4. Here’s how the new laws can impact smaller businesses
  5. Amaze One has penned several informative articles on life after GDPR
  6. Learn about GDPR from the ground up in this ‘dummies’ guide
  7. DataIQ’s digest of latest news on GDPR
  8. Here’s a good article on the best time of the day to send GDPR consent emails, by Decision Marketing

Vendors and agencies

They may have an agenda, but there are lots of great GDPR resources being created by various companies that support GDPR compliance in some way. These are some of our favourites:

  1. From Merit Group, we have their FAQs on GDPR and e-Privacy
  2. Here’s a good resource from SmartFocus – a downloadable infographic of 10 GDPR FAQs
  3. And here is plenty of GDPR detail from DBSData, a data compliance consultancy
  4. Legal eagles are offering help at the UK DMA
  5. Launched by OneTrust, free GDPR half-day workshops are being held in cities around the world, throughout the year, by PrivacyConnect. Check out the details here … and here.
  6. Check out Gigya’s survey and GDPR ‘readiness toolkit
  7. DSTSystems has a six-point checklist for post-Brexit compliance
  8. Fastmap has a guide to consent and permission statements
  9. Acxiom examines the impact of GDPR and Brexit
  10. BrightHR looks at the non-compliance penalties.
  11. Omnisend, an e-commerce marketing automation platform, has put together a good guide to the regulation, here.
  12. has a 45-minute webinar, discussing how companies should ask for consent in a GDPR-compliant way – view the video here.
  13. There’s a plain English guide to GDPR for small businesses, put together by the AppInstitute, which is viewable here.
  14. And, talking of videos, we like the one we have featured below, which is a swift round-up of what companies need to do to ensure they are equipped for the GDPR changes:



Before you go:

“We take privacy extremely seriously,” says Apple co-founder Steve Jobs about one minute into the short video included below. It’s an interview from 2010 and is therefore more about Silicon Valley’s general stance than the affects of legislation. But listen . . . . take on board how the late, great Jobs seems to predict the essence of GDPR after making this statement: “Privacy means people know what they are signing up for – in plain English and repeatedly.”

If you have an opinion on this GDPR resource (which was first published on this site on March 19), please join in the discussion: the GMA is a community of data driven marketers and YOUR opinion counts.

Sally Hooton
Author: Sally Hooton
Editor at The GMA |

Trained as a journalist from the age of 18 and enjoying a long career in regional newspaper reporting and editing, Sally Hooton joined DMI (Direct Marketing International) magazine as editor in 2001. DMI then morphed into The GMA, taking her with it!

Leave your thoughts

Related reading

  • Keep up to date with global best practice in data driven marketing