How GDPR and the ePrivacy Regulation Will Impact Digital Marketing Programs

The European Union (EU) is enacting the General Data Protection Regulation (GDPR) on May 25, 2018. If your business markets to the EU, hopefully you’re well down the path of compliance, as the deadline is approaching quickly.

The General Data Protection Regulation establishes new requirements on companies that collect, use and share data from EU citizens. In addition, an EU ePrivacy Regulation will be enforced in 2018. It provides additional particulars and complements the GDPR on the electronic communications data that qualifies as personal data, such as the requirement for consent to using cookies and opt-outs. The scope of the ePrivacy Regulation will apply to any business that provides any form of online communication service, uses online tracking technologies or engages in electronic direct marketing.

Below are some helpful links that provide more depth on GDPR and the ePrivacy regulation:

GDPR has broad implications that govern the data captured on EU citizens, and it impacts any organization collecting data on EU citizens regardless of where the data is collected or where the organization is located. Data governance committees approve policies and standards that have to do with the governance of data. View this site to get more of data governance.

Digital marketing programs are front and center in the regulation, and those programs must be compliant or else the advertisers risk stiff penalties – up to 4 percent of worldwide annual revenue.

Because of the far-reaching impact and some of the gray areas surrounding the regulation, many companies not based in the EU are adopting more stringent policies and practices, regardless of their location. You may have noticed a steady stream of updated privacy policy notices coming to you from sites where you may be registered as well as pop-ups on sites you visit informing you of their policies for cookies and data collection.

If your organization has undertaken efforts to address GDPR, this information will not be new to you; however, we thought it would be helpful to share the specifics about how this may affect digital advertising programs and actions to consider for those elements and programs that are subject to GDPR:

  • Leads (contact information collected by publishers and sent to companies)
  • Pixels placed on your site for retargeting purposes
  • Doubleclick/Google Analytics and other third-party tags collecting information about traffic and activity on your site

At MCC, we’re supporting our clients in a number of ways, including confirming media publisher compliance by requiring written notices of compliance plans and not running programs with partners who can’t provide that commitment. All partners must be in compliance in order to reduce the risk for clients. We’re also working with clients to help source opt-out or opt-in controls in compliance with the requirements of any or all EU jurisdictions. For lead transfers between publishers and clients, we’ll provide tools and quality control to ensure the secure transfer of that data in accordance with the regulations.

Is your company prepared for GDPR and the ePrivacy initiative? May 25th is bearing down on us all to be compliant. Let us know if we can help.

Pam provides strategic counsel to our clients and drives the strategy and business development of MCC. Her experience in technology, marketing, media, sales and business management is a unique combination and a valuable asset to the agency and its clients. Before MCC, Pam spent 12 years at CMP Media, a leading technology media company. As group president of the Technology Solutions Group, she provided strategic direction for magazines, websites and the group's research and conference businesses. A graduate of The University of Texas with a bachelor's degree in advertising, Pam is a board member of Big Thought, A Learning Partnership, and an ardent CrossFitter. Google+ || LinkedIn

Site Footer