What You Need To Know About The GDPR and Digital Marketing
It has been a big month over in Europe, between the Royal Wedding and the GDPR. While you can argue the importance of keeping tabs on both to stay relevant on social, it is absolutely necessary for anyone involved in digital marketing, website design or advertising to be in the know about the GDPR, even in the United States. Shoutout to Mark Zuckerberg for this one.
GDPR stands for the General Data Protection Regulation, and as of May 25, it is in effect as the EU’s new data privacy laws. Sound boring? Hang in there; it’s important.
The goal of GDPR is to give individuals in the EU protection and control over their personal data. It also affects how businesses can collect and use personal data.
While GDPR is an EU law, it applies to everyone using the personal data of EU citizens and residents. If people living in the EU access your website, GDPR is applicable to your site. That means that if there is even a chance — and trust us, there’s a good chance — that someone from Europe could click through your site, you need to comply.
Worldwide, organizations are taking quick action to comply with the new regulations, which isn’t surprising, considering fines for noncompliance with the new privacy laws can begin as high as $20,000.
What GDPR Means For Websites
In short, these new laws require that anyone sending traffic from social media to a website with Google Analytics that track visitors’ behavior has to acquire consent from visitors in order to do so. Basically, this means updating your website’s privacy policy and inserting a pop up that visitors must click to prove that they understand what is happening with their information when they visit your website. If you need some inspiration, check out Nice Branding Agency’s updated privacy policy. So now, you need to obtain explicit consent to track visitor information both for visitors to your website and also in your paid ads. To obtain the legal basis to do so, you will need to have a clickable opt-in consent option for your advertising targets. (More on the specific guidelines for consenting later!)What GDPR Means For Organic Marketing
Good news here: organic social media marketing is almost entirely unaffected by the new regulations, so curating your pages, posting content and engaging followers from your branded pages mostly stays the same, because posting and building communities organically is done without collecting personal information from your followers. If your social pages or posts link back to a website using Google Analytics, though, you need to make sure that you are getting consent from your visitors to your privacy policy. Side note: Not to freak you out, but Instagram updated its privacy policy in compliance with GDPR, so now you can go see their write-up of all your information they have access to from your personal account. You might want to check it out.What GDPR Means For Paid Advertising
GDPR specifies that if you are using customers’ data to track their behavior for advertising, you must meet the new legal requirements to do so through your advertisements. This means acquiring an explicit, consenting opt-in from users you are advertising to. (You know this by now, but, hey, this is a blog about explicit explanation, so we’re just practicing what we preach).Guidelines For Complying With GDPR:
- Your customers must be given a free and genuine choice to accept or reject the terms of your privacy policy (and be allowed to easily withdraw their consent at any time).
- You have to state what data you are collecting and how you will use it.
- The request for consent has to be available in a clear and plain language.
- To consent, visitors to your website have to take an action, like ticking a box. Note: inaction does not constitute consent. If users skip through choosing or “accept” a pre-ticked box, they do not actively consent to the GDPR.
