How can you ensure, for example, at a trade fair that the lead is the person he or she claims to be by handing over a business card? Or how can you ensure that the lead acquisition and subsequent information transfer is carried out in compliance with the GDPR?
Example of the actual situation at a trade fair
I am an exhibitor at a trade fair. A visitor is interested in my products and wants to know more about them. But because he doesn't have time, he hands me his business card, asks for detailed information via e-mail and moves on.
I attach his business card to my lead form, briefly enter what is wanted and turn to the next prospect.
After the trade fair closes, I enter the trade fair contacts in my CRM and send out information and, if necessary, offers as requested.
This is not GDPR-compliant. Why? Because there is no way to prove that the person who sent the business card also agreed to receive information or offers. As stupid as it sounds, how can you know whether the business card and the interested party are one and the same person? And even if they are, handing over a business card does not constitute consent to contact.
So I need something in writing or in digital form with which I can prove that the interested party with his business card and the e-mail address given on it is one and the same person and also gives his consent that I can contact him. And all of this is verifiable.
A solution to the problem
After clicking on the link, I receive the GDPR-compliant confirmation, which stands as proof of an intended contact and can continue with the follow-up of my new lead.
You don't have to be fined right away because you're still handling your trade show contacts the way you did ten years ago. But it is reassuring to generate leads in compliance with the GDPR. Our solution is based on open source software and is quickly adapted and ready for use.