Industry analysis from Tikit: Marketing consent

This article was originally featured as an industry analysis in the October issue of LPM. To read the issue in full, download LPM.

Small to medium-sized law firm marketers who try to function without a client relationship management (CRM) solution in place often suffer from ‘spreadsheet hell’. It can be difficult to deliver highly targeted email campaigns using a marketing distribution system in Excel – even though this approach is most likely to generate new business.

Likewise, trying to organise an event using contact details stored in multiple spreadsheets runs the risk that the same people will be invited again and again or that others will be overlooked.

If either of these scenarios sounds familiar, you may have concluded that your firm’s chaotic marketing infrastructure hinders its ability to generate new business.

Until now, marketers have justified the need for CRM deployment on the basis that it could help resolve many of these operational challenges while improving client relationships and, hopefully, boosting profits. But marketers now have a new argument which any lawyer should be sympathetic to: deploying a CRM solution can make the firm’s compliance with the EU’s new General Data Protection Regulation far easier and drive recognised best practices. Of course, law firm marketing has long been subject to data protection rules – on pain of financial penalty. But the upcoming GDPR, set to hit the UK in May 2018, raises the financial stakes for non-compliance yet again. The maximum fines that can be issued under the GDPR will be enormous – up to 4% of a firm’s worldwide turnover. If you’re a £10m practice, this could potentially translate to a £400,000 fine for a breach of the regulation. Suddenly, spending £20,000 or £30,000 on a CRM system looks like a sound financial investment from a compliance or business development perspective.


Explicit consent must be obtained to process data relating to a person under the GDPR. This consent must be given both in relation to the use of the data itself and the purpose for keeping it. Consent cannot be assumed to have been granted, for example, by a recipient’s silence or their agreement in relation to an unrelated matter, such as a retainer.

Marketers in law firms cannot distribute marketing literature to the practice’s clients simply because they are clients, and nor can marketing materials be sent to a partner’s prospective clients just because the prospect once gave the partner a business card at a conference. The GDPR doesn’t prevent law firms from distributing marketing literature to these types of recipient but if a firm hasn’t obtained explicit consent from an individual, the practice won’t be allowed to promote itself to them.

With the right software in place, obtaining explicit consent from the firm’s clients and prospects can be relatively straightforward. Tikit’s eMarketing solution allows marketers to easily create personalised, branded, online forms. This form can be distributed via email to the firm’s clients and prospects using eMarketing and will ask them whether or not they wish to receive the practice’s marketing literature (ie capture consent). The distribution list for this can be based on prospect and client data, all of which is stored within the single Tikit P4W database. Both Tikit Connect and P4W share data seamlessly together, thereby eliminating the duplication and inconsistency of an individual’s contact details.

Using Tikit’s integrated platforms, all responses to verification mail outs can be automatically fed into the firm’s Tikit Connect contact management solution, ensuring all recipients’ marketing wishes are respected. This integrated use of technology also records when consent is captured and by whom. This detailed tracking capability is a critical part of the firm’s GDPR compliance process and a powerful aid if ever challenged by the regulator.


Using Tikit eMarketing to distribute online forms to a firm’s clients and prospects can help practices to comply with the GDPR in relation to initial consent. The same technology can also be used to ensure recipients’ contact details and marketing preferences remain accurate and up-to-date – which is another obligation imposed by the GDPR. It is typically far easier to administer and audit this type of ongoing GDPR compliance by using a CRM-based solution, rather than trying to achieve the same objective using Outlook or Excel.

The GDPR also gives individuals the right to be forgotten, so any EU citizens can request that marketing data relating to them is erased. For law firms whose marketing data is stored centrally within a CRM, complying with such a request is straightforward: the requesting person’s marketing data can be deleted in a single step. By contrast, where a firm doesn’t have a central CRM system in place, it can be far harder to ensure this request is fully implemented. If a person’s marketing details are spread across multiple spreadsheets, there is a risk that not all spreadsheets will be updated to reflect the person’s request to be forgotten – thereby rendering the firm non-compliant with the GDPR. Worse, because of this compliance failure it’s possible the requesting person will continue to receive the firm’s marketing literature in direct contravention of their wishes – drawing attention to the breach.

Here at Tikit, we believe that the GDPR is a boon to firms because it drives the adoption of practices that are known to help firms better themselves. An integrated contact management, email marketing and practice and case management solution is the answer. Using a contact management solution to support GDPR compliance enables a firm to achieve the holy grail of marketing – to become a trusted partner. From this trust flows the things that benefit us as firms - more effective marketing, enhanced relationships, deeper insights and higher-margin work. 

Post a Comment

Add your comment