From one-person shops to small companies GDPR was a big source of confusion as the deadline for the European Union legislation is now here.

“I am confused on it since I don’t generally gather data more than just collecting contact info,” said Marisa Cali, a digital marketing strategist at All the Social.  “It’s confusing to someone like myself since there isn’t a straight-forward how-to.”

We spoke with Sjors Mahler of in Amsterdam about what his company is doing and what questions will linger even after the deadline. And we discovered there may be one good thing to come out GDPR. (Disclosure: This interview was edited)

Q: Before we get started talking about GDPR, tell me a little bit about

A: We were founded in Amsterdam. We are a SaaS company, software as a service. We were founded by a company called The Next Web, a tech publisher. The Next Web got pitches from about 100 journalists that got regular pitches from the startup industry. They had one thing in common in that most press releases that they got looked horrible. All of them were like PDFs that were very badly formatted or Microsoft word files that didn’t look great but the stories often did look great. It was very hard to sift through 100 pitches a day and see which stories were good, which weren’t. So, they built a small tool called Press Doc and that tool would upload your press releases and all your images and add all your videos, add quotes and anything that journalists might be interested in and send that over as a link so the journalist had a one-stop shop. That escalated and within five years the user base was immense so they decided this is a business, this is not just a nice little tool that we built. So, we rebranded to in New York. Long story short, back then we had one tool, one product that was a newsroom solution. Now we have five tools.

Q: Obviously, you store a lot of data. GDPR was passed in 2016. What was the first reaction from your company and what did you first start doing?

A: Our first reaction was, this is really going to happen. It’s one of the first pieces of European legislation that we have seen. Most of the legislation we see is on the local level or on the national legislation. This is the first really big one that hit us as a software company. It took a lot of work to be compliant as far as you can be compliant because you have to remain compliant—that’s the whole thing about it. It’s a really big job for smaller companies like ours. We started really working at it a year ago. We store a lot of data for our customers. We couldn’t just ignore it. We had to rebuild our full CRM. It took us a little over 6 months and we are launching today, just in time.

Q: What advice do you have for small companies or ones that do PR in-house?

There are so many things to think of to become GDPR compliant. I think the number one advice would be to check with all of your third-party tools and services and make sure they are GDPR compliant. Just ask them for a data protection agreement. Very often you have already heard from them. As a smaller PR professional, you are probably going to have a database and I hope that it’s a CRM. If it’s a CRM then check with them as well. Be careful with Gmail addresses and personal Email addresses – GDPR is stricter on reaching out to personal addresses than business addresses.

Q: What have you heard about enforcement? What are the fears about enforcement?

A: In terms of enforcement, it’s going to be very difficult. There’s a lot of companies and I think this becomes crucial for the larger companies—those are the ones the watchdogs will have their eyes on.

Q: I think what it’s coming down to, we are not absolutely sure what is going to happen.

A: There are still a couple of proposals that could go live on May 25 as well. One of them is that B-to-B addresses are perfectly fine. You could still send them email as long as you have the opt-out or unsubscribe link included. The opt-in link still confuses all of us. Can we still email a journalist that we don’t know yet but we saw a couple of articles that match our communication? Can I set up a meeting with them to get a cup of coffee? If you take the rules really strictly, you can’t do that. A lot of companies do outbound campaigns. They find companies that suit their ideal customer profile and reach out. That’s going to be difficult. It’s mostly going to be about inbound (marketing) these days. However, we have been checking to see if it’s still legal. We found a couple of articles and they say don’t do it just to be sure and we have said for B-to-B go ahead and do it.

Q: What do you think will be the effect of GDPR on the PR industry?

A: There’s a very cool thing about GDPR and that we are going back to where communication and public relations once started and that is really building relationships with someone. The only little scary thing is initiating that relationship. For some reason, public relations has shifted from something that’s very relationship-focused to something that you just download thousands of email addresses and send that message to all of them. I hope that’s the effect of GDPR.



Kim Jarrett is a native of Georgia with more than 25 years of experience in journalism, content writing, and social media management. She has won awards from the Georgia Press Association and won Gabby awards from the Georgia Association of Broadcasting in 2014, 2015, 2016 and 2017 in several categories including best use of digital media and best newscast. A native of Georgia, she received her B.A. in communications from Shorter University.