By: Caitlin Garcia
We’ve been hearing about GDPR for months now. The daunting idea of privacy and advertising has been in the back of our minds, but now that we’re just a few weeks away, what does it actually mean?
If you’re like us, you’ve researched and found hundreds of different articles claiming to be the main resource on the new data protection laws in the EU. You read through a few and realized you’re still exactly where you started. We’ve broken down the main things you need to know when it comes to your site and digital advertising.
What is GDPR?
In the simplest language possible, the GDPR is a set of regulations designed to respect the privacy of people in the EU. The goal is to integrate data privacy laws across Europe and ultimately change the way companies approach data privacy. While not specifically designed to affect countries outside of the EU, it does.
Now that we know what it is. How do companies know if they need to make changes based on this new policy? Let’s start with a few simple questions.
Questions to Ask Yourself:
- Do I do business in the EU? We’d recommend extending this to Europe as most countries are just steps behind the EU when it comes to personal data protection. Might as well prepare yourselves now.
- Do I advertise to people in the EU?
- Do I collect data from people in the EU?
If you answered yes to any of these questions, you need to be prepared for these new regulations. Since GDPR is aimed at protecting users in the EU, by collecting their data, you’ve put yourself right in the middle of this regulation.
Steps to Take:
- If you’ve browsed any site in the UK over the last year or so, you’ve probably seen that message on the screen letting you know that the website collects cookie information. If your site is collecting any sort of user data, you need to add similar messaging. There are a few ways you can do this, TermsFeed put together a great article with templates.
- We’d recommend segmenting your email database by geography (if you haven’t already) and asking people located in the EU or Europe in general to re-consent to being part of your email list. Though you may lose some subscribers, you’ll sleep well knowing you have a quality list. Ensure this email offers a double opt-in confirmation. This message needs to go out before May 25th to be compliant with the new regulations.
- Expand upon your existing Privacy Policy. We recommend adding very clear language that tells people exactly what you are using their data for. Check out Amazon or Ebay’s UK-specific sites as a template. Some sites separate out their Privacy Policy from their Cookies information.
- Add a box on all forms on your site that asks people if they want to receive email communications. This may seem like a heavy ask as many of you probably collect your email databases from form fills for pricing guides, ebooks and whitepapers. That’s okay. You can make the check box a required field to access your gated content, but it needs to be there and it can’t be pre-checked.
- Enable double opt-ins across all forms on your site. This can be done through your MAS system or directly through your CMS if you aren’t using a company like Pardot or Hubspot. This is already considered a best practice to ensure your contact lists are quality, but now it’s a requirement.
- Ensure you have appropriate business contact information in all your email communications. In order to stay compliant, the easiest step is to include your company’s address in the footer of your emails.
While the regulations and requirements aren’t optional, there are a few things you can do to mitigate any loss in contacts or future leads.
Use an entry form that asks entrants what country they live in. You can dynamically add in the new required form fields if they are in the EU or Europe so that everyone doesn’t have to see them.
Use IP or location look-ups for entrants on your website and display content differently to affected users. This takes a bit more time and development, but could also allow you to customize your experience and sales process for different countries if you haven’t done so in the past.
Wrapping Up
GDPR is a big deal and its effects will be felt globally. All you can do is ensure your business is compliant and use the regulations in your favor. Implement best practices, message quality lists and build a better lead base all while helping protect the individual rights of internet users.
If you have any specific GDPR questions, we’re happy to help. Contact Us any time.