Request a demo
Mark Aspillera
M Posted 6 years ago
t 6 min read

“Hi, we just updated our privacy policy…” The odds are that you've received a bunch of emails the past few weeks that read like this: and from a variety of different software and service providers (including BrightEdge.) If you didn't know already, the reason for this sudden torrent of privacy updates is the European Union's rollout of the General Data Protection Regulation, or GDPR, which went into effect on May 25, 2018.

The regulation, which seeks to standardize laws for data protection and privacy across the member nations of the EU, sent many companies into overdrive to update their software products, websites, and other assets to be GDPR compliant. It also might have led some marketers to believe that their lead generation efforts will be negatively affected. The more likely reality, however, is that GDPR regulations will be a good thing for digital marketing campaigns, as digital marketers will have a more transparent view into how much of their website audience is genuinely interested in being contacted to receive a newsletter, schedule a demo, or any other marketing touch. In this post, we'll walk you through the potential marketing benefits of GDPR regulations and how to implement the required changes in a way that makes sense from both a legal and marketing standpoint.

brightedge gdpr example

What is GDPR?

Despite being adopted in 2016, the legal requirements of GDPR only came into effect in May of this year. The core intent of the regulation is to provide citizens of European Union member nations with the ability to fully control their personal data online, as well as to facilitate international business within the EU by establishing a shared set of data protection standards that should be adhered to. The primary requirements of GDPR that would affect web marketers are as follows:

  • Users’ personal data cannot be processed unless the user has given direct opt-in consent to the vendor
  • Users must be informed about the extent to which their data is being collected
  • Users have the right to access their personal data that’s been captured by a website or platform, and also documentation on how that data is being used by the vendor
  • The right to erasure (also known as the "right to be forgotten"): EU citizens have the right, at any time, to request that their personal data be deleted by a vendor

Does GDPR Hurt Digital Marketing?

The idea that GDPR might hurt digital marketing efforts stems from the fact that a key part of the regulation is the requirement that vendors include specific and visible opt-in messages to be included in the lists for interactions like email campaigns and other types of marketing/sales outreach. For example, if you create a landing page with a registration form for users to sign up for a webinar, it’s no longer a valid assumption that EU users are consenting to be enrolled in the mailing list for your newsletter when registering for the webinar. Instead, you must now include on the registration (as well as other forms on your site) a field or option through which the user can state that they would like to have their information shared or used to contact them with an offer other than the one they are explicitly signing up for.  Here is an example of how we do it: GDPR Web Form Example - brightedge The concern is that by introducing this additional layer of "friction" before a user can be added to a database, a vendor may suffer a decline in its total amount of leads.

How GDPR Helps Marketing

While it may be true that GDPR rules may reduce the overall amount of leads you receive through your website, only focusing on only the topline number is a shortsighted way of looking at your digital lead generation efforts. A more nuanced way of looking at lead generation is to model it according to your full conversion funnel. Not all leads are created equal. If the ultimate goal of generating leads on your website is to convert more users into sales then it follows that you will want to focus exclusively on getting in touch with users who have the highest likelihood to buy your product or service. GDPR compliance is actually aligned with this digital marketing goal. By requiring users to opt in being contacted for offers explicitly, there's greater certainty that the people who do end up opting in will, on average, be higher intent leads. So while lead volume at the top line may reduce, that would likely come alongside increased conversion further down the funnel all the way to revenue, making your digital marketing efforts not just more transparent, but far more efficient. In addition, your sales team will thank you for bringing in such engaged leads for them to contact. In short, while you may see top-level workable leads decrease you should see a corresponding increase in the conversion of your leads and ultimately higher close rates on your website lead generation tactics.

How to be GDPR Compliant on Your Site

At this point, many vendors around the world have completed most if not all of their GDPR updates. (hence the tidal wave of privacy policy update emails) That said, it never hurts to double check your work and ensure that you're up to date. Here's a checklist of essential updates that should be up and running on your website:

  1. Update webforms: Run a site audit to identify which web forms are currently active and build out a plan to update those forms to include an opt-in button or checkbox with a clear description of what the opt-in would sign the user up for.
  2. Update privacy policy: If you're a SaaS platform, it's especially important that you work with your legal team or counsel to update the privacy policy on your website to comply with GDPR terms. If you haven't already, send an email to your full customer list stating that you've updated your privacy policy and include a direct link to the privacy policy page.
  3. Update marketing automation settings: If your web forms are connected to a marketing automation platform it's highly important that you update your backend rulesets to take your new opt-ins into account. Set up a condition that ensures no one who leaves the opt-in field null will accidentally be added to a lead list or list of people to be contacted for offers other than the one they specifically registered for.

Next Steps...

If you have already implemented these steps you can breathe a little easier. If not, it is imperative that you implement your GDPR strategy with the help of your legal team as soon as possible but remember, it is likely that this will benefit your digital marketing strategy and your customers alike. This post does not constitute legal advice.