WTF is GDPR and What Does It Mean for Online Marketing?

The General Data Protection Regulation (GDPR) has been in all of the headlines and swarming everyone’s inboxes since mid-May as businesses work to comply with the EU’s new data privacy and protection rules. Given the nature of our job as marketers, this automatically affects us and the companies we work with – especially when working with businesses inside and outside the European Union. Many of us online marketers are still a little shaky on what these new laws will mean for marketing efforts in the long-term, though.

Straight from Investopedia‘s mouth, here’s the gist of what GDPR really is:

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection and processing of personal information of individuals within the European Union (EU). The GDPR sets out the principles for data management and the rights of the individual, while also imposing fines that can be revenue-based. The General Data Protection Regulation covers all companies that deal with data of EU citizens, so it is a critical regulation for corporate compliance officers at banks, insurers, and other financial companies.

Without all of the jargon, the awesome people at Moz explained it all in a much more helpful, easy-to-digest way. Along with this, they break down what exactly GDPR will do to the tools and services we regularly use to collect, process, analyze or store data; mainly Google Analytics, email marketing, referrals, and AdWords. Here’s a quick recap of what Moz had to share:

GDPR + Google Analytics

If you use Google Analytics, Google is your data processor and since they handle data from people all over the world, they’ve had to take steps to become compliant with GDPR standards. However, you/your company are considered the data controller in this relationship and you will also need to take steps to make sure your Google Analytics account is set up to meet the new requirements.

GDPR + Privacy Policies

Under GDPR, a site’s privacy policy needs to be clearly written in plain language and answer basic questions like what information is being collected, why it’s being collected, how it’s being collected, who is collecting it, how it will be used, and if it will be shared with anyone else. If your site is likely to be visited by children, this information needs to be written simply enough for a child to be able to understand it.

GDPR + Email Marketing

As far as email marketing goes, GDPR is going to have the biggest impact on those who do things that have already been considered sketchy, like buying lists of contacts or not making it clear when someone is signing up to receive emails from you.

Even if you’re confident your European contacts have opted in, there’s no harm in sending out an email asking them to confirm that they would like to continue receiving messages from you.

GDPR + Google AdWords

Google will now be requiring publishers to get clear consent from individuals to have their information collected. Not only does this mean you have to give more information about how a person’s information will be used, you’ll also need to keep records of consent and tell users how they can opt out later on if they want to do so. If a person doesn’t give consent to having their information collected, Google will be making it possible to serve them non-personalized ads.

See more of Moz’s GDPR breakdown here >> 

Transparency, in every sense of the word, is the wave of the present and future of business. It’s our jobs as marketers to make sure that ourselves, and the clients and companies that we work with, are fully on-board with these new privacy changes. With this new era of digital integrity, GDPR is only the beginning of new rules and regulations where personal information is concerned – let’s all buck up and get ready for the next changes in data law because it’s only a matter of time before they’re put into place.