Gateshead-based mailing house, Washington Direct Mail, has invested £250,000 in digital printing and envelope enclosing technology and processes to become one of the very few companies in the UK to achieve ISO27001 certification for data privacy and protection.
Based on Team Valley Trading Estate, the company, which was founded in 1983, will, as a result of the award, now compete on a level playing field with UK-wide print management and direct mail companies.
Washington Direct Mail provides a full range of print and mailing services such as personalised direct mail, litho and variable digital printing, data cleansing, fulfilment, dispatch and response handling. In the last 12 months the company has grown by 50% and is looking to end its financial year with a turnover well in excess of £3million.
While the company has been planning for ISO27001 for the past two years, the timing of the certification coincides with the recently launched General Data Protection Regulation (GDPR), which places on all companies strict requirements regarding how they hold and use personal data. Significantly, personalised direct mail remains an opt-out medium and this means that as long as a level of ‘legitimate interest’ can convincingly be shown by either the sender or for the reader, then it does not require GDPR opt-in as an email campaign would.
ISO27001 is the international standard that describes best practice for an ISMS (information security management system). Certification demonstrates a company is following information security best practice, and provides an independent, expert verification that information security is managed in line with international best practice and business objectives.
In addition to ISO27001, Washington Direct Mail, which employs 30 people and whose customers include the company behind the Great North Run, Trafford Council, over thirty different NHS hospitals and a wide range of printers across the UK, has already been certified to ISO9001 (quality management), ISO14001 (environmental management), and ISO18001 (Occupational health and safety).
Lynn Beasley, managing director, said “We’re a small, agile, SME with a very strong team culture. We’re also extremely ambitious and want to be the very best at everything that we do. By gaining ISO27001, we are reaffirming to our existing clients that they can have total confidence in the work we do for them and we are also positioning ourselves for huge opportunities in new markets. Essentially, we are future-proofing the business.
“We are one of the very few firms in the UK direct mail industry to gain this standard and it means we can now compete against major UK print and mail companies. We believe we can clearly differentiate ourselves in this new arena, in that, as an SME, we are fleet-of-foot, highly responsive and offer flexible pricing structures. Many of our major UK competitors will simply struggle to match us on many of these because they’re geared up for vast volumes that don’t change very often, or they’re located in areas of the country such as the South East that have huge in-built overheads.
“Over the years we have watched many of our competitors jump ship as email marketing was perceived to be the modern way of communicating but growing frustration by the public at the sheer quantity of email marketing aimed at them has now been tipped over the edge by the potential penalties for not being GDPR compliant. As a result we are now seeing a large increase in direct mail activity across many sectors. Those print and direct mail companies, like ourselves, that remained true to their roots and have become specialists in variable data printing are ideally placed to meet this demand.”
There has been a definite U-turn in the past few years as highlighted in the Royal Mail Market Reach 2017 survey which found that 70% of respondents prefer to be contacted via direct mail and feel more valued when approached in this way, rather than email.
Indeed, 70% of respondents said that mail makes them feel more valued (up from 57% in 2013) – and 70% said that mail gives those who receive it a better impression of the organisation (up from 55% in 2013). In comparison, only 48% consider email authentic and believable.
Jon Beasley, technical director, said: “At a time when many businesses are worried about the implications of GDPR with regards to the miss-handling of data, they can be assured that the information we send out on their behalf is totally secure. While email marketing is very much under the microscope when it comes to GDPR, direct mail provides an opt-out for businesses under the criteria of ‘legitimate interest’.
“In tandem with preparing for ISO27001, the business has, in the last two years, invested over £250,000 in advanced technology and machinery, including two new lines for envelope enclosing with cameras.”
In addition, the company has recently appointed Steve Evans as compliance manager. Steve, who has extensive experience managing compliance within global businesses, has been brought in to oversee compliance and bid writing.
Steve, said: “I was immediately impressed by the focus the company has already placed on compliance and the attainment of certifications. I have worked for some very big global operations and none of them have had ISO9001, ISO14001, ISO18001 and IS027001 together. For a small SME such as Washington Direct Mail to have all four is incredible and a testament to the ambition the management team has for the business.”