On May 25, 2018, the EU passed a series of regulations designed to offer greater protection for European consumers. These new rules impact how businesses can collect, use, and protect the data they gather from customers. These new regulations have caused panic for many across all industries, as brands wonder how they can effectively market with the new laws and worry about accidentally breaking the rules. Here is what you need to know about the GDPR requirements.
Why was the new GDPR regulation passed?
Customers have demonstrated that they do not feel comfortable with the ability of companies to appropriately manage their data. An estimated ninety-two percent of online customers say they feel concerned about data security and privacy.
Surveys also indicate that customers were not being paranoid: The State of European Privacy Report stated that 90 percent of businesses find it too difficult to delete customer data and more than half do not even have procedures in place to remove the data should the customer request it.
What do the new regulations cover?
Brands should immediately note that these new regulations are now law– no longer a suggestion or a directive. Companies who fail to abide by these laws can find themselves heavily fined.
The lawmakers behind the new rules intend to place the control over consumer data back in the hands of customers. Permission to gather data or contact prospects can no longer be passive, it must be active.
- This means your prospective leads must actively affirm that they want to be contacted by you. You can no longer assume this based on their entering an email address on your landing page.
- You must include a ‘right to be forgotten’. If you collect data from people through an email list, for example, you must give them a clear way to be removed from the list. Customers have the right to have personal data removed.
- When you collect data, you must make sure you can justify why you need the data you ask your customers for.
How do businesses make sure that they comply with the new regulations?
As The Harvard Business Review points out, many aspects of marketing will now be more difficult.
Brands will have to curb much of their dependence upon the data they collect from users. Since consent must now be active, many will have to change their tracking procedures. Other common marketing practices, such as PPC, may need to be modified to comply. Users will also have the ability to access and delete the data that businesses collect on them.
Companies also likely fear accidentally running afoul of GDPR compliance. Working with an established firm, like Ballantine, can help you better understand the regulations and what parts of your email, social, and PPC campaigns will need to be adjusted moving forward.
Brands will likely find the best possible alternative through contextual advertising. They will market additional content or assets based on what the user views in real time. Although many brands have already capitalized on this, it will likely grow exponentially in the wake of the new regulations.
The bottom line
Here is your GDPR overview:
- This was passed because of fears of company mismanagement of personal data
- This forces brands to relinquish control of the data-collecting process to consumers
- Brands will need to gain active consent before gathering any data about users, even before using their email address to contact them
- Many organizations will likely shift towards contextual marketing as the data drawn from European users may be sparse
The GDPR regulations have taken the marketing world by storm. Although we still wait to see what the full impact will be, brands need to make sure they take the necessary steps to comply with the laws. If you need help navigating your marketing campaign and want to be confident in your compliance, reach out to us at Ballantine. We will help you form a strong strategy entirely on the right side of the law.