GDPR data: how clean is your CRM/database? Can you afford NOT to read this?

GDPR data, clean your CRM and obtain contact consent

Do you really know how clean your CRM/database is? How do you know? Apart from having accurate data, do you have a recent consent for contact? If so, what type of contact consent have you been given? If you currently do not have the answer to these questions or cannot easily look up this information, your firm is not GDPR compliant and you may face fines in the future.

Good news, however, you still have time to clean up your database or CRM.   You should plan for 3 months at least to get your data in order. Why? because you have to do lots of ground work. Here is a list of core things you need to do:

  • Ascertain where personal data is held
  • Consolidate this data
  • De-dupe / merge data records
  •  Split data into existing clients, opportunities and prospects (you will see why below)


Once your CRM/database is ‘prepared’ you will now need to go a step further with your data cleansing activities. You will need to:

  1. Validate all forms of data held to ensure it is accurate
  2. Determine forms of contact your business intends to make (ie email, phone, text etc..)
  3. Contact each person in your CRM/database to obtain consent for each form of contact


This will inherently take LOTS of time. You can no longer simply include contact consent in the fine-print at the end of documents or digital forms. GDPR states you must clearly state your contact intentions from the outset, such as how, when, where, why & for what reason.

There really is only one way to get this done. By speaking with everyone in your CRM/database. Contacting clients is easy and can form part of your nurturing/retention strategy. Contacting new business opportunities the same, as your sales teams should already be regularly engaging with them to drive business. Contacting prospects quite another story however.

Not only are you introducing yourself and your business proposition, you are asking for two things from prospects who don’t know you:

  • Can I tell you about my services/products?
  • Can I continue to contact you?


That is an interesting challenge. We’ve all been prospected at one time or another. Think of what made a positive impact on you and what did not. Next turn that into your pitch when you call prospects.

Now I revert back to the question of time. Prioritising consent requests, you now doubt will follow the path of existing clients (oh and business contacts), followed by opportunities, followed by prospects and lead gen.

Do you have time to do all in the next 3-4 months? My guess is not. So here comes the question…. Why not outsource the latter? Get someone else to do the prospecting for you, enabling you to focus on building your client and opportunity relationships further?

In short, given the average SME CRM contains around 5000 records, you will need help. Yes, we can help you.  Contact me directly at to discuss how you can ensure you are GDPR compliant sooner rather than later. After all a contract to a telemarketing agency will definitely cost less and give you ROI which a fine to the EU won’t.


Filed under: News on October 21st, 2017 by Melanie Hill