Online lead generation, conversion, and retargeting in the age of GDPR

The EU’s General Data Protection Regulation (GDPR) came into force in May 2018. It’s more than a year since, but many organizations are still trying to find their footing in the new rule. Not everyone has complete clarity on what they need to change to ensure their setup satisfies the new law. It’s especially worrying when you think about the hefty fines that can be levied on businesses that do not comply. Few aspects of business have been as affected by GDPR as online marketing. That isn’t particularly surprising. Marketing is at the heart of the capture, management, use, and purchase of customers’ personal data. GDPR lead generation requirements are forcing change in how businesses generate, convert, and retarget leads. Here’s a look at how (and what you should do about it).

1. Audit your mailing list

GDPR lead generation

If you started building your mailing list before the GDPR era, there’s a real possibility that it doesn’t entirely conform with the new expectations. So, businesses must start by comprehensively auditing their mailing list. They have to get rid of any customer record that cannot be linked to an unequivocal opt-in.

Once the mailing list is cleaned up, the business should ensure going forward that any new subscriber joining the mailing list confirms their subscription by clicking on an automated email they receive.

2. Review your data-collection methodology

Stop buying leads if you used to do so. If you purchased some of the customer records on your mailing list, it’s time to strike them off. In fact, if you cannot tell which contacts were opt-ins and which ones were bought, you should get rid of the entire mailing list and start afresh. It may seem like having a lot of your work going down the drain. Nevertheless, the short-term benefits of retaining the unclear list pale in comparison to the dangers of running afoul of GDPR lead generation requirements.

Note that if you choose to delete the email addresses and contact details from your old list, you should notify the affected customers on the same. It will be a positive for your reputation. Customers will have confidence that you will only do with their data that which they’ve consented for you to do.

3. Create incentives and multiple avenues for visitors to share their details willingly

Since buying leads is no longer an option, businesses have to put in the work in ensuring visitors to their site are happy to share their information voluntarily. Get a little creative. For example, you could create resourceful eBooks, guides, and white papers that visitors can only download if they register as a site user or subscribe to your mailing list.

Have specific popups for different pages and sections of your website depending on whether the visitor is interested in general news, blog posts, or new products. Remember to include a link to your privacy policy to ensure compliance with GDPR lead generation rules.

4. Automate customer data

GDPR lead generation

It may have been acceptable in the past to store customer data in a Microsoft Excel or Google Docs spreadsheet. With GDPR, that technique is no longer tenable. To reduce the risk of violating the new regulation, centralize customer data into a CRM system. That makes it easier to create avenues through which your customers can access their personal data in your possession, evaluate its usage, make any changes to their information, and request for its deletion if necessary. You can easily and quickly send to a user for review an electronic file with their full personal data whenever they ask for it.

5. Revisit your privacy statement

Your existing privacy policy may not necessarily be in line with GDPR lead generation requirements. To ensure you are on the right side of the law, review it and make the necessary changes.

Keep an eye on language that is difficult for customers to read and understand. A privacy policy should be clear, unambiguous, and not create gray areas. The policy should also be within easy reach irrespective of the page on your website it is on but especially on web pages where personal information is collected.

6. Retargeting Ads

Does your website use retargeting ad tools such as Facebook Pixel? Then you have to let visitors know immediately they visit so they can provide their consent. If you are publishing sponsored content, find out from the sponsor whether they use tracking cookies and if it’s necessary at all. If they confirm that they do, then this, too, should only occur with the explicit consent of visitors to your site.

7. Cookie popup notification


Cookies are fairly commonplace and play a central role in ensuring customized online experiences. Under the GDPR lead generation dispensation, a website must make it clear to visitors from the get-go that cookies capturing their personal information (like phone numbers, addresses, and transaction information) may be used as a means of improving their overall experience.

It’s easy to assume that anyone who’s been using the Internet for a while knows that websites track their online activities, preferences, location, and more. However, having a notification popup immediately a visitor lands on the site ensures there’s no confusion that this is happening.

8. Notification next to each form

Below or adjacent to any form on the website asking users to populate it with their personal information, must be a notice that briefly explains what data you collect, plans for its use, and a URL they can click on to read your privacy policy in detail. It should include an empty checkbox that users click on to confirm they’ve given their consent.

This notice may create some apprehension among visitors so there’s a possibility that your conversions may see a significant drop. Nevertheless, this also ensures that the people who do proceed to provide their contact information are those most interested in further correspondence and eventually, purchase of your product.

In other words, you may have fewer signups but with that, you’ll have a higher engagement rate.

Moving forward

Some enterprises have in the past abused customer data by selling sensitive information to third parties or not giving it the level of protection it deserves. This was a major reason for the new privacy regulation. GDPR has triggered widespread changes in how companies with EU citizens as customers, handle personal information. This is especially so for online marketers that leverage personal data in order to target products more accurately.

GDPR wasn’t intended to impede business or place barriers in B2C communication. On the contrary, it seeks to raise data quality, increase transparency and spur innovation. So see GDPR not as an enemy but a valuable ally in your corner as you seek to give your customers the quality of service they expect from a top-notch organization.

With potentially millions of euros in fines for noncompliance, there’s no room for taking chances. Apply the tips we’ve shared here but more importantly, engage a lawyer to be certain that you are doing what’s required.

Featured image: Pixabay

1 thought on “Online lead generation, conversion, and retargeting in the age of GDPR”

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top