Back to use cases

Keep global marketing campaigns in line with all data protection requirements automatically

  • Data Protection
  • Asset Management
  • Investment Banking
  • Retail Banking
  • Wealth Management

In this use case, we show how marketing teams in financial institutions can conduct compliant targeted campaigns with a maximised geographical reach and minimised risk by implementing digital global data processing and transfer checks.



  • 30+ jurisdictions
  • GDPR (EU)
  • FADP (Switzerland)
  • PDPA (Singapore)
  • many more
  • App
  • API
Direct Marketing

Can I create a pool of clients with similar interest and then send them marketing materials?

Data Classification

Under what conditions can I also include minors into my global or domestic marketing campaigns?

Data Transfer

Is there information I am not allowed to upload to our third-party CMS or marketing automation tool?

Data Classification

What are the restrictions our marketing team faces when communicating internally versus campaigning for external clients?

Conditions for Marketing

Is explicit consent required from prospects or clients? What other upfront information is needed before we serve them our marketing campaigns?

Direct Marketing

Can I conduct my direct marketing campaign according to GDPR on subjects such as children or employees?

Clarifying data processing implications on marketing campaigns today

Data Protection rules enforce even more requirements for marketing activities. And companies must understand and comply with them to have efficient and successful marketing campaigns.

What does this mean for financial institutions? 

First of all, it raises the bar of compliance requirements for a growing number of marketing campaign activities since, and usually, new Data Protection rules are handled centrally (by a compliance or Data Protection team) and are communicated to marketing teams (Marketing Manager or Event Manager). That is done to avoid breaches on future marketing campaign activities. Conversely, in the case of unclarities, marketing might also question the Data Protection Officers regarding regulatory changes.

To meet this regulatory demand, the internal Data Protection team needs to handle an unprecedented number of requests for project support and legal clarifications. And one thing that remains constant despite the increased workload is the outdated tools like the referring of case-by-case legal opinions and traditional text-based format from external law firms.

Today, there are no winners – it is a lose-lose-lose situation:

First, data protection and, especially, marketing teams struggle to keep track and interpret country-specific regulations affecting their marketing campaign processes and goals.

Secondly, clients receiving marketing campaigns get frustrated with all the information that is bombarded on them as they need to understand that they willingly consented to receive such materials based on their interest and behavioural activities.

Finally, website visitors are scared away by a firm’s investment offering that is covered by exhausting disclaimer language and functionalities.

The challenge of data protection restrictions on marketing activities

Data protection regulations, especially the ones that influence marketing activities, vary from country to country. Some restrict the handling of specific types of data, such as information about employees or minors, and others might require specific measures to be put in place, or restrict conducting specific marketing activities with personal data altogether.

Understanding these country-specific marketing elements is just one side of the story. Additional complexity comes with different marketing initiatives and campaigns rolled-out on a global basis need to be balanced for all the underlying individual country restrictions. This is a hurdle when dealing with country-specific data, besides being a time and resource-consuming analysis.

This regulatory complexity results in barriers that leave companies with scarce options to stay compliant:

Business potential Risk minimisation Ease of scalability Country comparison
Conduct only domestic marketing campaigns and clarify restrictions case by case + +++ ++ +
Conduct global marketing campaigns and clarify restrictions case by case ++ ++ + ++
Introduce digital marketing implication checks that clarify single and multi-country restrictions ++++ ++++ ++++ ++++

Introducing digital marketing campaign checks

Marketing financial services in the digital age is becoming a highly complex task. The more regulations are being adopted, the harder it is for banks’ marketing and risk teams to work together in a paper-based manner and stay in check with the growing number of data processing requirements for every outreach campaign. The sheer volume of regulations is one side of the story, the other – the added complexity attached to every new jurisdiction in the equation.

Onboarding a digital data protection framework for marketing purposes with customizable and scalable rules accessible to distributed marketing teams is the way to circumvent blockers sustainably.

So what does such a tool stack include?

  1. Machine-readable rules: a set of country-specific rules customizable by in-house legal teams;
  2. Dynamic data protection answers: a way for marketing teams to access quick answers on data processing campaigns through an easy-to-use app or via intranet;
  3. Easy integration options: technology empowering your developers to scale the use of machine-readable repository in-house

Benefits of using digital global marketing implication checks

  • Support the marketing teams’ activities with instant feedback on complex marketing-related data protection requests;
  • Compare different multi-jurisdictional marketing situations;
  • Always remain compliant with the right set of digitised data protection requirements for marketing activities;
  • Scale thanks to the easy addition of new countries or comparison features.