In general terms, for marketers’ data forms the foundation of successful campaigns – it allows us to target the right audience with relevant content, recognize site visitors and more. So how will this change the way marketers consider data? The principles established by the GDPR that controllers must comply with the following:
- Lawfulness & transparency: processing of information must be lawful and not excessive.
- Purpose Limitation: processing must be for a defined purpose
- Data minimization: companies shouldn’t store data that is unused for their purpose.
- Accuracy: the data must be accurate and should allow for those whose data is being processed to participate in making sure it is up to date.
- Storage limitation: data shouldn’t be kept for longer than is necessary.
- Confidentiality: data must be stored responsibly to guarantee its security.
Implications for digital marketing
- Opt in/opt out: consent must be explicit.
- Data Capture Forms: now that opt-in has to be explicit, any on-site forms must comply. Forms must be deployed and hosted in a way that complies with GDPR
- Third-Party Compliance: suppliers must meet or at least maintain the same standard as the organization they serve. Further to this, third parties must only provide data that is necessary or falls under legitimate interest.
- CRM: under the GDPR users have the right to be forgotten. This means that the user’s data can no longer be marked as ‘do not contact’, but must be deleted.
Media platforms affected by GDPRComplying with GDPR regulations will be crucial, which is why international tech giants such as Google, Facebook, Twitter, Instagram, LinkedIn and Amazon are working towards better protecting consumer data. Whether you choose to use a tool that applies GDPR standards to your data or reorganize your approach internally, consider the steps these brands are taking when it comes to your own preparation strategy.
- Google: in order to comply with the new GDPR laws, Google has tried to be more transparent when processing data and personal information, in addition to making it easier for clients to choose products/services based on how that product will use their data.
- Facebook: this social media giant will continue to provide control over how data is used, simplifying its privacy settings in a new control center and sending regular privacy reminders that will pop up in a person’s news feed. Such efforts may involve making available new tools to users and reviewing existing tools to make sure we honor our obligations.
- Twitter: due to the new GDPR’s “right to be forgotten” provision, Twitter is denied from owning users’ online communications and must permanently erase them upon request. They’re looking for solutions like automated “forget me” requests to save time and make things easy for users.
- LinkedIn: In addition to updating its agreement policies, LinkedIn will make changes to how recruiters and sales teams can export a person’s information. Plus they’re working on a process to easily delete personal data upon request.
- Amazon: although Amazon still be able to use your purchasing history to make suggestions – like other online retailers – they will have to offer customers the option to turn off data tracking features now used to “suggest”
- Instagram: like Facebook, Instagram added data export features and prompting users to review their privacy settings and added the ability to opt-out of facial recognition. These changes are especially important for Facebook in a post-Cambridge Analytica world.
- Map your company’s data
- Determine what information you need to keep
- Educate the whole team
- Establish security measures in place
- Review your documentation carefully
- Establish policies and procedures for handling customers’ personal data.