What the General Data Protection Regulation Really Means for You
Personal data is a touchy subject right now. But as digital marketers, it’s not one that we can ignore. A lot of digital marketing is based on collecting personal data available on the internet in order to target potential customers. Without it, we wouldn’t be able to do our jobs. The General Data Protection Regulation (GDPR) is going into effect, and you might feel its impact on the way you can effectively do your work. Every digital marketing agency should assess their situation to determine if any changes should be made to remain compliant with the new laws.
Though the GDPR is an EU regulation, just because your business is in the States doesn’t mean you aren’t affected. It’ll still impact any company that wants to do business within the EU…so if you sell anything or conduct any kind of business in Europe, you should pay attention.
So, what exactly is the GDPR?
The GDPR is a data protection and privacy law that concerns everyone who lives in the EU and regulates the export of that data. Its main goal is to put control of personal data back into the people’s hands. It’s a sweeping move, so you better believe there are big consequences.
What’s Google doing about it?
For the most part, Google has already taken steps to make sure its services are compliant with the new rules. But that doesn’t mean you’re completely off the hook. There are some cases like Customer Match and Store Sales uploads that require you to keep the new guidelines in mind. GDPR will require you to provide explicit consent from each member of your database, ensuring that they opted in.
In addition, if you depend on any kind of remarketing, you now have to obtain user consent. One way to do this is to provide an in-browser message and ask prospects to opt-in before they close the window. We’ve all seen these before: they’re the “cookie consents” that pop up the first time you visit a website.
Google will also start automatically deleting older data if you don’t take action first. That doesn’t mean you can’t save data anymore; you just have to be more proactive about it. To keep the data, you’ll activate a Data Retention setting in your Analytics account that remains compliant with the new legal guidelines.
When retaining data in Google Analytics, the best practice is to select the shortest retention window. Unless you have a specific need for the information, it’s best to delete that data as soon as possible. However, be sure that the deletion won’t affect your current reports. Use your best judgment to find the best timeframe—and remember you’ll need to do this for every account.
And what about Facebook?
Facebook, which has felt the most backlash over its use of personal data, is really going to be affected by this new law. But what does that mean for your Facebook ads? Like Google, Facebook will take care of the bulk of the new regulations, but that doesn’t mean you’re completely off the hook.
If your company utilizes custom audiences with the Facebook Pixel, you’ll now need to inform people visiting your site that you are collecting their personal data. When you upload the information to Facebook, you’re still responsible for how you obtained that information. Facebook is simply the data processor.
When it comes to Lead Ads, both your company and Facebook are responsible for letting your prospects know that you’re collecting their information. According to Facebook, “the lead ads product gives advertisers an option to link to their privacy policies and terms related to the collection and use of personal data.” It’s a valuable tool that boosts views, and discontinuing use of this product would negatively impact your business.
If you’re based in Europe or advertise to people in Europe, you’re going to want to pay attention to your data collection from now on. A violation of the GDPR will result in a heavy fine, something we all want to avoid. Even if you don’t have business in Europe, remaining compliant in the US will help ensure that things run smoothly on your end. Happy data protecting!
What are your thoughts on the GDPR? How many privacy updates have been sent to your inbox recently? Tweet us @Perfect_Search!