The EU’s General Data Protection Regulation (GDPR) came into force in May 2018. It’s more than a year since, but many organizations are still trying to find their footing in the new rule. Not everyone has complete clarity on what they need to change to ensure their setup satisfies the new law. It’s especially worrying when you think about the hefty fines that can be levied on businesses that do not comply. Few aspects of business have been as affected by GDPR as online marketing. That isn’t particularly surprising. Marketing is at the heart of the capture, management, use, and purchase of customers’ personal data. GDPR lead generation requirements are forcing change in how businesses generate, convert, and retarget leads. Here’s a look at how (and what you should do about it).
1. Audit your mailing list
If you started building your mailing list before the GDPR era, there’s a real possibility that it doesn’t entirely conform with the new expectations. So, businesses must start by comprehensively auditing their mailing list. They have to get rid of any customer record that cannot be linked to an unequivocal opt-in.
Once the mailing list is cleaned up, the business should ensure going forward that any new subscriber joining the mailing list confirms their subscription by clicking on an automated email they receive.
2. Review your data-collection methodology
Stop buying leads if you used to do so. If you purchased some of the customer records on your mailing list, it’s time to strike them off. In fact, if you cannot tell which contacts were opt-ins and which ones were bought, you should get rid of the entire mailing list and start afresh. It may seem like having a lot of your work going down the drain. Nevertheless, the short-term benefits of retaining the unclear list pale in comparison to the dangers of running afoul of GDPR lead generation requirements.
Note that if you choose to delete the email addresses and contact details from your old list, you should notify the affected customers on the same. It will be a positive for your reputation. Customers will have confidence that you will only do with their data that which they’ve consented for you to do.
3. Create incentives and multiple avenues for visitors to share their details willingly
Since buying leads is no longer an option, businesses have to put in the work in ensuring visitors to their site are happy to share their information voluntarily. Get a little creative. For example, you could create resourceful eBooks, guides, and white papers that visitors can only download if they register as a site user or subscribe to your mailing list.
4. Automate customer data
It may have been acceptable in the past to store customer data in a Microsoft Excel or Google Docs spreadsheet. With GDPR, that technique is no longer tenable. To reduce the risk of violating the new regulation, centralize customer data into a CRM system. That makes it easier to create avenues through which your customers can access their personal data in your possession, evaluate its usage, make any changes to their information, and request for its deletion if necessary. You can easily and quickly send to a user for review an electronic file with their full personal data whenever they ask for it.
5. Revisit your privacy statement
6. Retargeting Ads
Does your website use retargeting ad tools such as Facebook Pixel? Then you have to let visitors know immediately they visit so they can provide their consent. If you are publishing sponsored content, find out from the sponsor whether they use tracking cookies and if it’s necessary at all. If they confirm that they do, then this, too, should only occur with the explicit consent of visitors to your site.
7. Cookie popup notification
Cookies are fairly commonplace and play a central role in ensuring customized online experiences. Under the GDPR lead generation dispensation, a website must make it clear to visitors from the get-go that cookies capturing their personal information (like phone numbers, addresses, and transaction information) may be used as a means of improving their overall experience.
It’s easy to assume that anyone who’s been using the Internet for a while knows that websites track their online activities, preferences, location, and more. However, having a notification popup immediately a visitor lands on the site ensures there’s no confusion that this is happening.
8. Notification next to each form
This notice may create some apprehension among visitors so there’s a possibility that your conversions may see a significant drop. Nevertheless, this also ensures that the people who do proceed to provide their contact information are those most interested in further correspondence and eventually, purchase of your product.
In other words, you may have fewer signups but with that, you’ll have a higher engagement rate.
Some enterprises have in the past abused customer data by selling sensitive information to third parties or not giving it the level of protection it deserves. This was a major reason for the new privacy regulation. GDPR has triggered widespread changes in how companies with EU citizens as customers, handle personal information. This is especially so for online marketers that leverage personal data in order to target products more accurately.
GDPR wasn’t intended to impede business or place barriers in B2C communication. On the contrary, it seeks to raise data quality, increase transparency and spur innovation. So see GDPR not as an enemy but a valuable ally in your corner as you seek to give your customers the quality of service they expect from a top-notch organization.
With potentially millions of euros in fines for noncompliance, there’s no room for taking chances. Apply the tips we’ve shared here but more importantly, engage a lawyer to be certain that you are doing what’s required.
Featured image: Pixabay
More GDPR Preparation articles
- CCPA and GDPR: Similarities and differences you must know
- Binding corporate rules and GDPR: A data transfer and protection solution
- GDPR’s privacy by design: An opportunity, not a burden
- Warning! 5 GDPR mistakes you must avoid
- Compliance confusion: What does GDPR mean for mobile data?