Top

What is the GDPR and how will it affect Paid Ads?

We’ve been receiving many questions lately about what exactly the GDPR is and why should we care?
In this post, we hope to explain you need to know and the most frequently asked questions:

1.What is the GDPR? 

2. What does this mean for advertising on Facebook?

3.When is the GDPR change (and why does compliance matter)?

4. How do you make sure of your sales team’s GDPR compliance?

Let’s begin:

1.What is the GDPR? 

Any salesperson or marketer who hasn’t heard about the GDPR by now is in for a bumpy (and potentially litigious) ride.

The GDPR stands for the General Data Protection Regulation, a recent EU law that sets the rules for anyone handling personal data about EU residents.

You might think only IT teams, sales and marketing specialists would need to worry about compliance with these news regulations. But the GDPR change could have significant implications for you and your business. 

Even when you’re selling to a business, you interact with individuals and their personal data each and every day – meaning many of your activities fall under the GDPR scope.

2. What does this mean for advertising on Facebook?

Companies in the EU are not allowed to upload personal data to Facebook to build a Custom Audience. To do this you need the agreement of every person.

Here is a written statement  from Facebook.

 Facebook takes data protection and people’s privacy very seriously and we are committed to continuing to comply with data protection laws. The General Data Protection Regulation (GDPR) creates consistent data protection rules across the EU. The GDPR will become effective May 25, 2018 and applies to companies based in the EU as well as companies around the world who provide or offer goods or services, and who process data from or about, people in the EU. While many of the principles of the GDPR build on current data protection rules in the EU, the GDPR has a wider scope, more prescriptive standards and substantial fines for compliance violations. For example, it requires companies to obtain a higher standard of consent from customers, where relevant, and broadens individuals’ rights with respect to accessing and porting their data.

Facebook takes data protection and people’s privacy very seriously and we are committed to continuing to comply with data protection laws.

3. When is the GDPR change (and why does compliance matter)?

Facebook says:

GDPR enforcement will begin on 25 May 2018 and you don’t want to be caught off guard.

The authorities see salespeople as data controllers who bear the brunt of the responsibilities under the law. If you’re unprepared, you’ll feel the wrath – salespeople will receive no special treatment.

Failure to comply can lead to crippling fines of up to 20 million euros (a significant portion of annual turnover for even the largest of global companies).

From Facebook: The General Data Protection Regulation (GDPR) creates consistent data protection rules across the EU. The GDPR will become effective May 25, 2018 and applies to companies based in the EU as well as companies around the world who provide or offer goods or services, and who process data from or about, people in the EU. While many of the principles of the GDPR build on current data protection rules in the EU, the GDPR has a wider scope, more prescriptive standards and substantial fines for compliance violations. For example, it requires companies to obtain a higher standard of consent from customers, where relevant, and broadens individuals’ rights with respect to accessing and porting their data. You can read more here

4. How do you make sure of your sales team’s GDPR compliance?

Going through all 99 articles of the legislation is enough to frighten a team of well-practiced lawyers, let alone salespeople who have calls to make, meetings to hold, and emails to send.

There’s no need to panic. You shouldn’t feel like you need to put a pause on your business until you’re up to speed. You have plenty of time to make your processes compliant and you only need to understand a fraction of the legislation.

I’m about to simplify this potentially mind-numbing web of legal mystery so you know exactly what actions you need to take to prepare you and your sales team for GDPR compliance.

Our Commitment to Our Clients:
How Conversions Marketing will help your account and make sure it is compliant with GDPR.

If you send us emails from countries from the EU to create a lookalike audience, we’ll make sure to communicate with you that they are compliant with the GDPR. As of  May 28th, we will no longer able to target specific behaviors of the audiences in the EU–targeting people that make over $1 million dollars, people that recently got married, or purchased a home, etc–However, we will still be able to do this super targeting for the US audience.

Because this information for the EU audiences will not be accessible to us, we’ll find other resources to look for statistics and patterns of behavior. Websites like Pew research, Google trends , your Google analytics that shows your audiences behavior, Google Insights that help us find behaviors from your business listing,Google alerts, to see what is happening with your competitors, and some of our  paid software that shows more insights and more. Yes, it’s more work for us, but we are committed to not letting this affect your conversions on your paid ads.

We’re prepared to not let this bump in the read affect the consistency of leads you’ve been receiving.

If you are not yet a client of ours, and deal with international audiences, contact us here to see how we can help maintain your consistent leads

 Suggestions:

Sales-specific GDPR lessons to keep your team safe

We want to help you find the needle you are looking for in the GDPR haystack.

Although it helps to have a broad understanding of the entire GDPR – you really need to make sure you understand the principles of the GDPR.

In particular, salespeople need to follow the 3 key directives outlined below.

How do you make sure of your sales team’s GDPR compliance?

Going through all 99 articles of the legislation is enough to frighten a team of well-practiced lawyers, let alone salespeople who have calls to make, meetings to hold, and emails to send.

There’s no need to panic. You shouldn’t feel like you need to put a pause on your business until you’re up to speed. You have plenty of time to make your processes compliant and you only need to understand a fraction of the legislation.

I’m about to simplify this potentially mind-numbing web of legal mystery so you know exactly what actions you need to take to prepare you and your sales team for GDPR compliance.

In particular, salespeople need to follow the 3 key directives outlined below.

#1. Gather only data you need and make sure you have lawful grounds to process this

The GDPR includes a limited list of acceptable reasons for gathering data you do not need and “it might be useful at some point in the future” is not one of them.

Develop a process designed to generate as little data as possible. Regardless of the GDPR, minimizing the data collection process for a salesperson only makes her job easier (more time to chase down quality leads and less time spent managing admin).

If you need the data for your contract with the person or for your legitimate interests (according to GDPR Recital 47, direct marketing passes this test!) you should have no problems – as long as you define and explain your need to the data subject.

Otherwise, you must ask for consent.

Don’t underestimate the difficulty of this task. Gathering the proof points you need for consent is much more complicated than it sounds. Consent has to be freely given, specific, informed and unambiguous. This needs to come through an affirmative action (pre-ticked boxes aren’t allowed).

You’ll have to record the consent and you need to be prepared and able to remove the relevant data if the person changes their mind.

#2. Be open about your actions and prepare for data subject requests

Protecting the individual is a core purpose of the GDPR.

As a salesperson, you should make sure your customers are well informed of what you’re doing with their data and why you’re doing it.

You also need to be prepared for your customers exercising their right to have access to the data. You need to make this process possible, and you need to be able to delete this data on request of the contact.

#3.Keep the data safe and delete it when you’re finished with it

You cannot have privacy without security.

The GDPR requires you to make sure you have appropriate security for any personal data you process. This means strong passwords, access controls, and industry standard technical security measures are an absolute must.

Additionally, you should establish a system to make it clear when data needs to be deleted. Establish specific triggers when certain conditions are met to live up to that commitment and automate the deletion process – you’ll save time and reduce your anxiety in the long-term.

Interested in a free consultation? Contact us here 

 

Share