Let’s stick to the issues that matter for us and our clients:
What is GDPR?
What does it mean for your business?
Disclaimer: This post does not intend to serve as legal advice, but rather a top-level summary of website user privacy and GDPR from a marketing perspective. For complete information about GDPR, see https://gdpr-info.eu/.
Be Careful [With My Data]
Here’s what happened:
The EU set out to formally protect citizen’s personal data, and as it turns out, it’s not a bad idea. The GDPR (General Data Protection Regulation) sets rules for how companies share data after it’s been collected.
That’s a noble pursuit, to be sure. However, that means that companies have to rethink how they approach collecting and sharing data, and how they approach advertising. It means companies need to be transparent about what they collect and how they use it, and it means that users have to give permission for companies to use their data.
The GDPR affects any company that provides services or products directed at customers in the EU. Later, it may also affect any business whose website can be accessed by users in the EU, because, as we know, websites collect and store users’ data.
With great power comes great responsibility.
...So, what exactly is our responsibility?
GDPR in a Nutshell
EU users are afforded extra rights to their online information through the GDPR.
- A business must have a legal reason to use their data. Legal reasons include:
- User opted in to having their data or information used for something which they clearly understand the purpose.
- The user demonstrated legitimate interest in your products or services.
- The user must consent to a business collecting, using, and keeping their data.
- A business must specify an expiration date at which time they must delete their user data records and may no longer use it unless they receive consent.
- If you are collecting and using data from customers based in the EU, your business and privacy policies must be compliant by May 25th, 2018.
[The Compliant Life is the] Best Life
HubSpot is building tools to address these concerns for the websites they host. The goal is to make it easier for businesses to be GDPR compliant.
IMO, having a marketing automation tool like HubSpot is already useful in proving lawful basis of data processing because it tracks website users’ points of contact and history with your website, showing either legitimate interest, or not.
Their updated tools include:
- Expanded manual and automated properties to track and audit the grant of lawful basis using the property history for that new property.
- Consent tracking tools to ensure consent with proper notice, including updated subscription preferences and cookie-consent messages.
- A GDPR-compliant permanent delete function that allows HubSpot admins to delete contacts personal data.
- Easy access and portability to verify user data processing lawfulness and change user data if users request a change.
- Enhanced security measures to protect your users’ data.
We have also made sure that our policy is clear and transparent. Any company should try to do the same. In the wake of Facebook’s Cambridge Analytica data breach scandal, regaining customers’ trust is essential. And that trust should be warranted. A number of privacy and consumer rights agencies have urged Facebook and other big tech companies sitting on massive amounts of our data that they should apply GDPR standards globally. Until the GDPR regulations apply to everyone, it isn’t such a bad idea to adopt them as a standard to aim for. If not to preserve business integrity, at least to avoid the penalty fine of €20 million, or 4% of a company’s global revenue.
Companies from Google and YouTube are making sweeping policy changes like keeping third party ads out of their data and content and, of course, updating their privacy polices as well.
Watch our free webinar, a step-by-step guide to privacy regulations for companies with EU customers, and how to ensure compliance with the new regulations through your business and marketing efforts. Ongoing optimization is how we handle an industry that’s constantly changing (and we love it). Security and privacy go hand-in-hand with an ethical marketing strategy, building a secure website, and implementing SEO that responsibly monitors traffic and other audience engagement.
We can help you implement online marketing best practices, regardless of where your customers reside.
Let’s get started with a strategy!