Digital marketing is the branch of marketing that includes any of your online efforts to reach your target audience. For example, this includes making use of platforms such as social media and blogs and using techniques such as targeted advertising or email marketing. And with many as 80% of businesses now conducting all their marketing online, it is clearly an important business function.
But digital marketing relies on the collection of data, understanding audiences, and being able to target them where they spend most of their time. Otherwise, you are just putting your content out into the crowded abyss that is the internet, with no idea if it’s going to be seen by the right people. But as well as creating engaging campaigns and analyzing data, businesses also have to take GDPR into consideration when planning their digital marketing strategy.
Despite these regulations coming into effect back in 2018, GDPR can still be confusing to many. That’s why we’ve put together this guide to provide a basic checklist for businesses that are planning on running digital marketing campaigns in the near future. That said, GDPR is complex and will impact different businesses in different ways, so this is by no means an exhaustive list.
Are you asking for explicit consent?
Consent is like the glue that holds GDPR together, that’s why we’re leading with this point. If you’re asking website visitors or customers to sign up for your newsletter, you need to make sure you’ve asked for consent to collect, store, and use their data. And this doesn’t just apply to email marketing strategies. It also applies to any campaigns that may ask for data, for example running a competition on social media. So consent needs to be at the forefront of everything you do. If you cannot prove that you explicitly asked for and gained consent from an individual, you could find yourself in hot water.
Are you also asking for cookie consent?
Are you using sign-up forms?
Do you have a clear opt-out option?
Are you running an email marketing campaign and encouraging site visitors and customers to sign up for your newsletter? Or perhaps you’re adding cookies to your site to use for retargeting later? Whenever you are collecting data during a marketing campaign you must also give individuals a way to opt-out of receiving your communications.
What’s more, as part of GDPR, everyone has the right to be forgotten. This means that every individual should be able to withdraw consent and have their data removed from your systems. You need to make sure you have systems in place to manage any deletion requests and also a visible and simple unsubscribe button on any marketing communications you send out.
Do you know why you’re collecting the data?
Another important part of GDPR legislation is that you must have a lawful reason for collecting personal information and you must not collect more than you need. So in any campaign, you run that requires you to collect data, be that via sign-ups, cookies, or anything else, you must know why you’re collecting that data specifically and how you plan to use it in the future. Because of this, it’s best to always keep data collection to a minimum. If you only need a first name and an email address, then that’s all you should be asking for.
- As up to date as possible
- Accessible to website users
- Clear and concise
- Easy for anyone to understand
Are you careful when using third party sites?
The good news is, when using third-party sites to advertise, such as running Facebook advertising, you limit your requirements. This is because the social media site itself is responsible for gaining consent and must let users know they may see targeted advertising etc. They must then give consent for this to happen. By simply liking your page they have already agreed to see your content.
However, if you plan to use their information to contact them in any other way outside the platform they are using, let’s say again this is on Facebook but you want to reach them via email, Facebook will have to make this very clear in the original privacy notice as well as finding legal grounds on which to use this data under GDPR – and this causes bigger issues for them! As such, it’s best not to try and contact customers or users in this way.