Unless you have been living under a rock lately, it is likely you have at least heard some mention of the new EU General Data Protection Regulation aka GDPR. However, if you are like the majority of people, you are also likely to be confused about what it means for internet marketing and how it affects you.
Let’s take a look at the basics of GDPR and how it applies to your internet marketing strategy.
What is GDPR?
As already stated, GDPR stands for General Data Protection Regulation. It is new law being brought into effect by the European Union with the aim of offering better protection to individuals in terms of how personal information is collected, stored and used. This applies not only to businesses located in the EU, but to any business who has the personal data of customers residing in the EU and businesses need to ensure compliance before the deadline of May 25, 2018.
It is not necessary for a financial transaction to take place in order of GDPR to apply. Even if a non-EU business is simply collecting information about an EU resident in the form of a potential lead as part of their internet marketing strategy, they must comply with the new law or face some substantial fines.
What Counts as Personal Data?
Personal data is a pretty wide catch-all term, so it is helpful to understand exactly what counts as personal data when it comes to GDPR. For the purposes of the law, personal data has been defined as information that could potentially be used to identify an individual. That includes IP addresses, cookies, names, email address and location details.
How Will GDPR Impact Internet Marketing?
For most companies, the big change that GDPR will force them to make is how they disclose and obtain consent to collect personal information. It is necessary to get explicit content from EU residents in a way that is voluntary and unambiguous. There must be a clear statement of consent in plain language free from legal jargon. It is also necessary to meet the following conditions if you are collecting EU personal data as part of an internet marketing strategy:
- Offer a positive opt-in which means no pre-ticked boxes
- Have consent separate from other general terms of service
- Clearly explain why the data is being collected and how it will be used
- Name any third parties who may also access the data
- Do not make consent a condition of service
- Give clear instructions on how to withdraw consent in the future
Steps to Take to Ensure Compliance
Any company that has leads in the EU needs to make sure their internet marketing strategy is compliant with GDPR. The best starting point is to carry out a complete audit of the company website to determine what personal data is held and how it was obtained. This will give you a good idea about any changes that need to be made to internet marketing strategies. Now is also a great time to update privacy policies to include GDPR – even if you do not yet have leads within the EU. There is no harm in being prepared!
To Your Best Online!
Ingrid Griffin, Internet Marketing Consultant. Blue Dress® Marketing, an Internet Marketing Company headquartered in Knoxville, TN. Internet Marketing Developed, Implemented and Managed to Full Circle! Organic Internet Search Engine Guru. Turn Key Internet Optimization Programs Placing You Everywhere and Anywhere You Need to Be Online®