GDPR is fast approaching and many people are still unclear on every way it will affect them. This blog will talk through the key points affecting online advertising, who is responsible for what, and how to ensure minimum disruption possible to your online advertising. However, this isn’t legal advice.
Key GDPR Areas Relating to Online Advertising:
What They Mean:
Personal Data can only be used with the express consent of the consumer
This includes any information you have on that user – email addresses, payment information, IP addresses, device IDs, location data and most importantly cookies.
Consumers have a “right to be forgotten” and a right of “data portability”
This means users have the right to change their mind at any time and either request their personal information back or ask for it to be erased.
Maintaining data security
Once you have got consent for the data, you must protect it and keep it secure. If a data breach were to happen, you need to report it to the ICO (Information Commissioner’s Office) within 72 hours to all users.
GDPR introduces a duty on all organisations to report certain types of personal data breach to the relevant supervisory authority. You must do this within 72 hours of becoming aware of the breach, where feasible.
If the data breach is likely to result in a ‘high risk of adversely affecting individuals’ rights and freedoms’, then you must also inform the individuals affected.
How Will GDPR Affect Online Advertising?
GDPR will affect remarketing/behavioural campaigns across PPC and social media platforms including Facebook and Instagram. Activity such as remarketing campaigns, RLSA and customer match will all be affected by the new cookie consent requirement.
However, if you are using your current customer emails as a targeting method (for example using customer match on AdWords), then you are responsible for the cookie consent and how the data is handled. If you are found to be using email data without customers consent for marketing purposes you could face a severe fine of up to €20,000,000 or 4% of your group worldwide turnover.
Obtaining Cookie Consent
There are a number of GDPR complaint ways to obtain users consent. Some sites may stick to a small banner to keep disruption to the user journey down to a minimum. Others may go for a large invading banner to attempt to gain as many cookie consents as possible. As long as the copy provided makes it clear that the user has the choice to opt-in to cookies and control their preferences it shouldn’t mean the end of cookies.
The Effects of GDPR
However, there is no getting away from the fact remarketing strategies will need to change before GDPR comes into effect on 25th May 2018. The audiences will be higher quality, but they will also be much smaller. This will make things more competitive amongst advertisers so bid prices and ad costs are likely to increase.
Here are some of our recommendations for an effective strategy going forward:
Make sure you are GDPR ready before the 25th May
Whether that be with your budget and bids, or the way you are obtaining cookie consent. Stay ahead of the curve and don’t just copy everyone else!
Expand your audiences to try and compensate for the shrinking cookie pools
If you are targeting website visitors in the last 7 days – make sure you are also covering visitors from the last 14, 30 and 60 days. If your lookalike audience was set at 1% before, increase that to 5% and go from there.
Want More Information on GDPR?
We are hosting a FREE GDPR Marketing Event in collaboration with Raworths solicitors on Tuesday 1st May. Hosted at The Tetley in Leeds city centre, you’ll hear from solicitor Phil Parkinson, a GDPR expert, and members of Team Zeal who will take you through what you need to do from a marketing and advertising perspective to be GDPR compliant. Just email firstname.lastname@example.org to reserve your place by Friday 27th April.