GDPR Compliance And Your Business

No matter where your business is physically located, an online presence—a blog, an e-mail newsletter and list, a podcast, social media, a video channel, a website, and other published content—makes you part of a global network. This international access through the Internet means you and your business need to be aware of the European Union’s (EU) General Data Protection Regulation (GDPR).

What the GDPR is
The GDPR goes into effect on May 25, 2018. It is a series of regulations that govern how personal information must be handled. Lead generation, newsletter opt-ins, sales records—it doesn’t matter if the product or service is free or paid—are all to be treated with the utmost care. Client data must be protected and customers must be given multiple ways to check and delete the information a company has on them if they so desire. Personal data is any identifying information including but not limited to
• Age
• Birthday
• E-mail address
• IP address
• Name
• Personal preferences stored in cookies
• Phone number
• Street address or other location

According to MarTech Today’s Guide to GDPR—The General Data Protection Regulation, “the EU is aggressive about protecting consumer privacy…[and] recognizing that data can travel well beyond the borders of the EU, GDPR provides protection to EU citizens no matter where their data travels. This means that any company, anywhere, that has a database that includes EU citizens is bound by its rules. Businesses of all sizes are affected—from micro to multinational. No one is exempt.”

You can sidestep the problem by choosing to either block users from the European Union from accessing your online presence or stop doing business altogether. Klout, which routinely accessed social media data, will cease doing business on May 25, 2018. You can choose to protect privacy and adhere to the GDPR by
• Presenting a Privacy Policy that includes complete details about how data is handled from the moment it is gathered to the time it is deleted
• Creating an easy-to-understand consent form that allows you to get written permission from anyone whose data you will have access to
• Providing a simple way for those who have previously granted permission for you to access their data to revoke their consent
• Encrypting data you collect
• Pseudonymizing individual portions of data—assigning anonymous name and location information, for instance—that can only be pieced back together with the correct key, like a closely-guarded birth date
• Setting up safeguards to alert you and your customers to a data breach within 72 hours
• Requiring parental consent for children up to age 16

How the GDPR will affect your use of Google
If you are using any Google products—analytics, AdWords, cookies, DoubleClickCampaign Manager, Tag Manager—to track the behavior of visitors to your site, especially if that data will be used to personalize ads, you must get your visitor’s permission. This is the updated Google policy:
“If your agreement with Google incorporates this policy, or you otherwise use a Google product that incorporates this policy, you must ensure that certain disclosures are given to, and consents obtained from, end users in the European Economic Area. If you fail to comply with this policy, we may limit or suspend your use of the Google product and/or terminate your agreement.

Properties under your control
For Google products used on any site, app or other property that is under your control, or that of your affiliate or your client, the following duties apply for end users in the European Economic Area.

You must obtain end users’ legally valid consent to:
• the use of cookies or other local storage where legally required; and
• the collection, sharing, and use of personal data for personalization of ads or other services.

When seeking consent, you must:
• retain records of consent given by end users; and
• provide end users with clear instructions for revocation of consent.

You must clearly identify each party that may collect, receive, or use end users’ personal data as a consequence of your use of a Google product. You must also provide end users with prominent and easily accessible information about that party’s use of end users’ personal data.

Properties under a third party’s control
If personal data of end users of a third-party property is shared with Google due to your use of, or integration with, a Google product, then you must use commercially reasonable efforts to ensure the operator of the third-party property complies with the above duties. A third-party property is a site, app or other property that is not under your, your affiliate’s or your client’s control and whose operator is not already using a Google product that incorporates this policy.”

How the GDPR will affect your e-mail marketing list
If you have an e-mail newsletter, you should have already received permission to add people to your list. Under GDPR rules, you need to promote your newsletter to get explicit permission to add someone to your list. Signing up for a freebie no longer equals consent for additional mailings. You also need new consent forms from your European readers before May 25, 2018.

How to acquire permissions
Google provides concise how-to information for advertisers and publishers—those with blogs, websites, etc.—regarding gaining consent to meet GDPR requirements at

What to do now
Let Tate Design handle your copy development as you incorporate the necessary changes into your
• E-mail marketing
• Website copy writing
• WordPress blog

For more information on the new data privacy rules and their impact on online marketers and consumers, check out some links we found helpful below.

Google consent how-tos for advertisers and publishers
Google EU user consent policy
MarTech Today’s Guide To GDPR

There are no comments yet, but you can be the first

Leave a Reply

Subscribe by Email

Get Fresh Marketing Insights

Sign up to receive ideas from our blog that can help you solve challenges in your business by applying the advice of experts in the field.
Copyright © 2018 Tate Design, LLC
Ask A Question!
Hi! I'm Ask Our Bot, an FAQ Chatbot