Understanding the GDPR and its impact on digital marketing, online privacy
The General Data Protection Regulation (GDPR) is a European set of rules that offer web users more control over their personal data as it relates to online activity. Priority Marketing’s digital team has been monitoring the new law and its potential impact on American businesses, organizations and individuals. The GDPR, to put it simply, is a game changer. Here is a 3-minute read to help you understand the law.
What is the GDPR?
The GDPR was approved in 2016 by the European Union’s Parliament and took effect May 25. It helps regulate the online environment being used by businesses to serve ads to computer users, and is intended to help businesses and computer users coexist online and share mutual benefits from the digital world.
Does the GDPR affect America?
The GDPR applies to any organization operating within the European union that offers goods and services to customers or businesses located within the European union. Essentially, that’s every major corporation in the world. Even if a company has no direct connection or operation in the European Union, it might still need to comply the law.
How do I know if my business is affected?
If you answer “yes” to any of the following actions, you must comply with the GDPR and protect customers:
• Do you collect email addresses, phone numbers or consumer information on your website or through social media?
• Do you sell goods or offer e-commerce transactions online?
• Does your social media advertising strategy include Facebook custom audiences, phone numbers, consumer email address or mailing address lists?
• Does your company use any personal information collected from consumers to direct market to those individuals through print mailers, emails, texts or telemarketing?
• Does your website contain cookies or tracking pixels that record visits for remarketing purposes (i.e. social media advertising, display advertising or pay per click advertising)?
Note: If your website uses cookies or tracking pixels, you must update your privacy policy to state that you indeed are using these technologies. According to the law, “any request for consent, declaration of terms or statement of privacy must be presented clearly and concisely, and without any ambiguity of meaning. Furthermore, it must be as easy to withdraw consent as it is to give it.”
What actions should my business take to comply with the GDPR?
Although this law governs members of the European Union, it still is important for businesses based in America to take additional strides to protect consumer data. The time is now to make these updates. You should:
• Inform consumers about the collection of their information through a clearly stated privacy policy, which should be located on the website and any other owned media. (Resource: TechRepublic)
• Create a process to provide consumers with the personal information you have collected, should they ask. As part of the GDPR, people have the right to access their information and companies must be able to provide that information and update incorrect facts.
• Prepare to remove consumers from your business records, should the consumer request it, and respond to questions about how their personal data is being used.
Are there any other measures my business should take?
You should prepare a breach notification, just in case. The GDPR requires companies to notify all data subjects that a security breach has occurred within 72 hours of first discovering it. We suggest developing an email blast to distribute should this happen. Priority Marketing recommends four cybersecurity services to protect your website.
Also, thoroughly review the sources of your data collection to ensure your business is acquiring clear consent to use personal data from the individual providing that information.
Will the GDPR impact our social media and digital advertising space?
Yes! According to the Pew Research Center, of the 7 in 10 American adults that use some form of social media, almost half do not trust that the federal government or social media platforms are protecting their data. While 86 percent of Internet users have taken steps to try being anonymous online, experts say people still find it hard to disconnect from the digital world “because so much of modern life takes place on social media.”
Social media users are not willing to leave the digital world entirely, but they are willing to take steps to protect their privacy. That is positive news for businesses and organizations given the circumstances. As the GDPR progresses, we will see a shift in available targeting online and on social media sites, but we should be able to compensate for the changes with new, emerging digital trends that target the context of what potential customers are looking at in real-time instead of solely on their past behaviors.
Who can I contact for questions about the GDPR?
You can contact your legal team or company lawyer for compliance verification. To read more about the GDPR and possible actions to take, please visit https://gdpr-info.eu/.
Sources of Information:
https://gdpr-info.eu/
http://www.pewresearch.org/fact-tank/2018/03/27/americans-complicated-feelings-about-social-media-in-an-era-of-privacy-concerns/
https://www.cnbc.com/2018/04/25/gdpr-data-privacy-rules-in-europe-and-how-they-apply-to-us-companies.html
https://www.techrepublic.com/article/the-eu-general-data-protection-regulation-gdpr-the-smart-persons-guide/
