General Data Protection Regulation (GDPR) rules are set to go into effect on May 25th. If you do not directly deal with customers in the European Union (EU) then the update is unlikely to affect you. However, this is not to say it will never arrive in Thailand & S E Asia. So for all companies engaged in digital marketing, especially those who use Remarketing and Conversion Tracking you may want to pay attention to the following rule changes.
What Is the GDPR and Who Does it Impact?
The GDPR is a series of new regulations approved by the European Union on April 27th, 2016. These regulations are intended to help protect the privacy and personal data of residents of EU countries.
Along with protecting individuals within the European Union, the GDPR regulates the export of data to other countries, including the United States. This means that even if your business is not located in the EU, you still need to abide the GDPR when targeting consumers in the EU.
Data Controllers, Processors, and Subjects
The GDPR defines the roles of the data controllers, processors, and subjects. The data controllers are the organizations that collect data from residents in the EU. The processor is the organization that processes this data while the data subject is the consumer.
Cookies and Remarketing Now Require Consent
If you use Google or Facebook products on your website to gather information, you may need to make a few changes in line with the new rules. Affected products that track on-site actions from your visitors include Google AdWords, Analytics, and Tag Manager as well as the Facebook Pixel.
In some situations, you must also mention any third parties that will receive the data. When collecting data from children, consent must be given by the child’s parent or custodian. It is always the responsibility of the data controllers to prove that consent was obtained through an opt-in form.
Customer Match and Store Sales Features
Customer Match and Store Sales data do not require consent. These are the two exceptions to the regulations specified in the GDPR for data collection. With Customer Match and Store Sales data, Google is simply processing data that you provide.
When you use Google AdWords, both you and Google are the data controllers while Google is the data processor. You are both liable for ensuring that the collection of data complies with the GDPR. With Customer Match and Store Sales data, you are the sole controller collecting the data.
For those that are not familiar with Customer Match, this feature allows you to upload a CSV file containing personal data. This data is then used to target groups using Google AdWords. However, it is up to you to ensure that the data was properly obtained following the GDPR.
Store Sales is also used for targeted marketing through Google AdWords. It allows you to import data from your own store transactions. As with Customer Match, Google does not need to prove that consent was given to use this data. You are responsible for complying with the GDPR in these situations.
Get Ready for the GDPR Implementation
The GDPR is scheduled to go into effect on May 25th. If you use any of the features or products discussed, you should begin getting ready for the regulations. The deadline is approaching. If you do not comply, you may face steep penalties.
With the threat of hackers and businesses illegally obtaining personal data from websites, the public is becoming more concerned with the protection of their data. Online privacy is a major issue that the European Union is attempting to address with these regulations.
The bottom line is that the GDPR may impact the way you use certain online marketing products, such as Google AdWords and Facebook Advertising. Make sure that you comply with these regulations and pay attention to any changes or amendments to the GDPR.