General Data Protection Regulation (GDPR) was adopted in 2016, and companies in the EU were given until May 2018 to be compliant. Now we’re officially in the GDPR age, when you can face heavy fines if you put a toe out of line when it comes to audience privacy. Does that mean your data for personalized marketing is off-limits?
The answer is no, it’s not off-limits, but your data has to be streamlined and justifiable. And yes, personalization is still possible–if not even better– in the age of GDPR.
What the GDPR means to personalized marketing
First off, the GDPR might not apply to your business. If you’re 100% sure your audience are not in the EU, then the GDPR policies don’t apply to your campaigns.
But aside from being safe than sorry in case one or 101 of your audience are actually in the EU, the GDPR is now established as best practices every B2B or B2C organization, big and small, should implement.
What are the rules?
At its core, the GDPR boils down to:
1. Consent – Consent has to be there for everything, from cookies to email subscriptions and email follow-ups.
2. Transparency – Every data you collect should be justifiable in its collection and use, and you should inform your audience accordingly, which includes telling them that they can choose to decline or revoke their consent at any time.
An example from the UK’s Information Commissioner’s Office website: you can see the toggle for declining their cookies.
You’ve probably seen similar cookie permission windows. Disclosures on why you’re seeing certain ads are another example. As a consumer, it’s great. The control on your data is back in your hands.
If a business had already collected your data before the GDPR was adopted, they needed to obtain consent through opt-ins or discontinue the use of the data and delete it. This deletion also has a timeline. If you decline to opt-in, or request to remove your data, the company has to delete your data within 30 days.
Businesses can also ONLY use your data for the purpose you consented for, and they’re responsible for keeping it secure and private.
As a marketer, here’s what the GDPR rules do for your personalized marketing:
- You steer clear of data you might otherwise have no use for.
- You examine and streamline your mailing list to the ones who accurately match your target demographics.
- Practicing good data security reduces your company’s liability by a lot.
- You and your team are challenged to create good content that’s irresistible to your target audience. You need this to gain their consent to receive more.
- You streamline every campaign and your communication drip to make sure it’s justifiable and personalized to the needs of your target audience.
- You get opportunities for re-engagement: Blanket opt-ins makes you a nuisance, but when you re-engage and deliver a personalized message to someone who hasn’t opted in to this or that, it keeps you top of inbox and top of mind.
Here are two common scenarios that’s also a FAQ when it comes to GDPR:
Cold scenario: Sending a cold email to someone who has bought the product of your competitor is okay. (Sending a cold email to that same person for a product that’s completely irrelevant to their needs is NOT okay).
Warm scenario: Someone who has given you their email to download your lead magnet has not automatically given you consent to include them in your mailing list. Offering them more–related to the lead magnet and their needs– to get their subscription is great.
In both scenarios, you have legitimate interest, which makes you compliant to the GDPR.
It’s all about the needs of your target audience
Isn’t legitimate interest the core of customized marketing?
That actually places personalized experiences in line with GDPR’s essence, which is to make sure audiences are getting real value from what they receive from you. Unlike the spray-and-pray method in badly done cold emails and generalized ads, personalized marketing is targeted to your audience according to their preferences and needs.
From the beginning when you ask for them to opt-in, audiences are willing to give their data if you offer real value in return.
This real value doesn’t have to be big either. In fact, they are perks and services we have come to expect in digital interactions:
- It could be a promised discount on their first purchase after joining a mailing list
- Better product recommendations by registering in stores
- Sale and other event alerts after membership
- Exclusive tips and techniques or a digest of articles when subscribed to a blog
You can look at Amazon and Google as an example of highly personalized customer experience with an equally high volume of data.
Amazon has access to your purchase history, wishlist, and your gift recipients’ addresses. Google has access to your emails, your calendar, your daily and random routes on Maps, and so much more than that.
Both these giants give you so much in return: product recommendations, reminders, alerts, weather information for your trip, and so on.
No one would delete their Amazon and Google accounts any time soon, and customers just continue to give them even more of our data every day.
It’s the same for your audience. Build trust and deliver real value and you give them no reason to decline or revoke your data permissions. The opposite happens: you make them absolutely willing to give you more.