GDPR – Things Your Sales Team Must Know

B2B sales is a highly competitive field. If a company lies dormant, it is going to lose out on many potential clients.


In fact, according to a popular study by CEB Marketing Leadership Council, 50% of sales are closed by the first company who engages with a prospect.


It puts the adversaries of this company in a critical position. Whether it is cold calling or meeting potential clients through events, one can engage with the maximum number of leads through a handful of sure-shot strategies. It was about how well you approached strangers and made them your customers is what defined your strength as a salesperson.
However, the scenario has changed a lot lately with the introduction of data protection act known as the GDPR by the European Union in May last year.


If a company fails to comply with the GDPR laws, it can face fines up to 20 million euros. In certain cases, the company may end up losing 4% of their international turnover too!


British Airways, for example, are facing a fine of approximately 200 million euros for breach of data (September 2018). On the other hand, Marriott international is expecting a fine of about 99 million euros for a data breach which took place between the years 2014 to 2018.


Since you have to abide by the law, you need to know more about it. Given that 57% of sales representatives are unaware of the GDPR laws, it creates a lot of risks for the whole team involved. That is the reason why a company needs to understand what GDPR is and how you can continue generating leads complying to it?




One may take GDPR lightly. Many may think it does not apply to their industry sector or their company. However, that is far from true. To figure out whether its rules apply to your company, here is a checklist that one needs to follow:


Whether or not the company relies on purchased leads for filling up a sales pipeline
If the company is adding a business card with contact’s data to its mailing list
Companies who ask existential clients for recommendations and referrals
GDPR will apply to any of the above points. Moreover, it is not at all confined to companies that fall under the Europe union. Rather as a business if you have users or clients from the EU, a business organization will have to abide by GDPR.




Ever since 25th May 2018, GDPR has come into effect across the EU. It has resulted in the protection of private data of all European citizens. Regardless of whether the data is processed in the EU or not.


Now, when it comes to sales, private data helps the sales team to generate suitable leads and build a strong CRM system.


Now, personal data may include details like the name of the individual, age, email, contact info, and interests. If you dig deeper, personal data involves sensitive information like medical information, bank details or IP address. The vital task is to handle all kinds of personal data with the consent of the concerned person.




The first two steps of sales prospecting are data collection and storage. It is then followed by the processing of data.


With GDPR coming into play, the sales team needs to collect and store personal data after seeking permission from the users. The most typical form of this permission seeking approach is by attaching a link and redirecting it to a privacy statement or forwarding it in a follow-up email. This format needs to be followed as individuals have complete right to stay informed about the kind of data a company is collecting and the purpose for it.


The user must be informed about the purpose of data but also the timespan during which the data will be kept in storage.Hence, without the consent of the potential leads, collection of personal data if done needs to be informed within a 30 days’ time frame. You need to inform the user as to why the data was collected and what you intend to do with this data.

If the potential lead reverts that, they are unhappy and want the company to erase all the stored data, you will have to comply by that. In such cases, the user details are removed from the CRM database.


Now that the data collection has been dealt with comes the 2nd crucial part – data processing.Upon the collection of prospect information, their details are added for a wide range of sales and marketing purposes.
For example, if someone downloads a free e-book, you were offering on your website. You collect their email address and use it to send them a newsletter later.


You cannot do that anymore. Doing so can lead to a fine or even impose a legal action against the company. As an organization, when you collect personal data such as an email address, not only do you need to inform the user. You also need to take the consent of the user before sending them any form of promotional content.


Summarized in simple words, having an email address doesn’t permit you to spam the user.