Consumer Privacy GDPR and Ways it Affects Your Marketing Program

Just this morning I found 6 different emails in my mailbox regrading terms of service changes. Twitter, eBay, Linkedin, Airbnb and others are updating their privacy and payment policies ahead of a May 25th deadline. That is when a new set of privacy rules in Europe known as the GDPR goes into effect.

 

GDPR stands for General Data Protection Regulation and it will apply to US consumer and American companies doing business globally. The reason is that it is difficult for companies to manage country-by-country specific privacy policies and the process quickly becomes unmanageable. GDPR is designed to give greater protection to an individual’s personal information and how it’s collected, stored, and used. Similar policies are now being introduced in the US Senate by Democratic Senators Richard Blumenthal and Edward Markey.  

 

According to legal experts, these emails I mentioned, will become friendlier and easier to read. You might start seeing more creative approaches such as charts and videos explaining new policies. However small print is not going away anytime soon.

 

Under GDPR users gain a lot of rights and can learn things such as what kind of information has been collected and who it is being shared with. Users have the right to access all their information and port it. For example, if you have pictures on one platform, you have the right to ask for all those pictures in the format that could be ported into another platform even if this is a competitor. 

 

Some of the companies, if you read their privacy policy closely, such as Oath (which is what Yahoo and AOL became) will actually increase their monitoring of your information. Their privacy policy states that they have the ability to scan emails to create targeted ads for users of these emails.

 

With the new GDRP rules, companies have to become more explicit about what they're doing with our data and information we share every day. If you don’t have time to read through the whole document (AirBNB’s is 44 pages long), focus on the following areas:

 

Just this morning I found 6 different emails in my mailbox regrading terms of service changes. Twitter, eBay, Linkedin, Airbnb and others are updating their privacy and payment policies ahead of a May 25th deadline. That is when a new set of privacy rules in Europe known as the GDPR goes into effect.

 

GDPR stands for General Data Protection Regulation and it will apply to US consumer and American companies doing business globally. The reason is that it is difficult for companies to manage country-by-country specific privacy policies and the process quickly becomes unmanageable. GDPR is designed to give greater protection to an individual’s personal information and how it’s collected, stored, and used. Similar policies are now being introduced in the US Senate by Democratic Senators Richard Blumenthal and Edward Markey.  

 

According to legal experts, these emails I mentioned, will become friendlier and easier to read. You might start seeing more creative approaches such as charts and videos explaining new policies. However small print is not going away anytime soon.

 

Under GDPR users gain a lot of rights and can learn things such as what kind of information has been collected and who it is being shared with. Users have the right to access all their information and port it. For example, if you have pictures on one platform, you have the right to ask for all those pictures in the format that could be ported into another platform even if this is a competitor. 

 

Some of the companies, if you read their privacy policy closely, such as Oath (which is what Yahoo and AOL became) will actually increase their monitoring of your information. Their privacy policy states that they have the ability to scan emails to create targeted ads for users of these emails.

 

With the new GDRP rules, companies have to become more explicit about what they're doing with our data and information we share every day. If you don’t have time to read through the whole document (AirBNB’s is 44 pages long), focus on the following areas:

 

  1. What information the company is collecting about you
  2. How they use this information
  3. Who the information is being shared with

 

GDRP’s affects on marketing activities

The good news is that if you are using best-practice marketing techniques that lean on transparency and customer consent, you’re probably already compliant! The bad news mostly falls on companies that are using shady, outdated marketing methods. As HubSpot puts it:

 

“Those companies which have put their own needs ahead of consumers and indulged in shady or outbound tactics are in for a shock. Their world is going to change dramatically as the GDPR will hasten the demise of marketing tactics like buying lists, cold emailing and spam.”

 

Be Clear an Transparent

Most sites nowadays collect user information in one way or another. This must be clearly communicated to the user. You need to explain clearly what the data is going to be used for. This is win for consumers because they won’t receive any marketing they haven’t expressly consented to.

 

Security

This sounds obvious, but data collected needs to be stored securely. GDRP clearly defines that “appropriate technical and organizational security measures must be implemented to protect collected information”.

 

Data retention and deletion

Collected data is supposed to have an expiration date after user unsubscribes or stops using your services. If a user requests to delete their information, you must follow through with the request and notify the user that data was deleted.   

 

Minimize Data Collection

Think about what data you really need to collect in order to do your business. Take only that data and nothing more. If you don’t need to know the prefix of a person’s name or their gender, don’t ask for it.

 

Accessing Data

Accessibility of data is a fundamental part of the GDPR.  The article specifically states that you need to provide upon request a “…copy of the personal data undergoing processing” and “the information shall be provided in a commonly used electronic form”.

 

No doubt, gearing up for the GDPR is a priority for many organizations, and it won't be a light lift. Even if GDPR wasn’t about to become the law now in Europe and probably soon globally, marketers should pay careful attention to its guidance.

 

 

 

Leave a comment

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.

LET'S TALK