GDPR 101

By October 5, 2018 October 1st, 2020 Marketing Minute

View Video Transcription

Chris: Hi and welcome. On May 25th, 2018 the GDPR went into effect in the European Union. Although that affects mainly businesses that are doing business in the EU, it does have far reaching implications. So, we bring in Cordes Owen, an expert on all this stuff, to learn about a little bit more about how this effects your business and your marketing. First off all Cordes, I thought we had a deal about the shirt we were gonna wear today. What happened to your tropical pineapple shirt?

Cordes: I ran out of storage.

Chris: Well, if you guys can get past that he’s not dressed appropriately, we can answer some questions. First off all, what is GDPR?

Cordes: So, the General Data Protection Regulation is a brand-new rule in the European Union that is designed to protect citizens personal information.

Chris: Alright, who does that effect here in America, outside of the EU?

Cordes: Okay, so, first of all, most businesses in America are not gonna be effected by the GDPR. The ones that are gonna be affected are companies that own things like social networks, software and service, also known as SAS. If you are a publisher of content that derives money from selling information about your users, the people that read your website, you are affected. If you are someone who is, let’s say, a plastic surgeon or a car dealership, you are probably not really affected by this rule.

Chris: I saw on the newspaper that places like The L.A. Times now have just cut off users, like anybody that is in Europe, you can’t even go to their sites.

Cordes: That’s right, so today, if you are trying to browse the LA Times, Chicago Times, Baltimore Sun, and a few other publishers out there, if you try to go to their site, it’ll actually say: Sorry, because of their GDPR, you don’t have access to our site. And it makes you kind of wonder, what information were they selling about users on these websites?

Chris: Do you know the answer to that?

Cordes: Well, they were probably aggregating the types of articles that those particular individuals were reading and bucketing them into audience segments.

Chris: Alright, so what’s this mean then? If I’m someone that’s in the publishing, the marketing, all this stuff you were talking about, and I’m still trying to reach people, how do I have to change my business model or my marketing plan?

Cordes: So, are you one of those businesses that is affected by this?

Chris: I don’t know.

Cordes: Okay, so, if you are. So, let’s just say for example, look at your google analytics. Are you getting a ton of traffic from Europe, per say? And are you doing business with those people that are coming in from Europe? Are you selling them anything? Are you providing services? Are you providing like hosting to them, or whatever? If you are, then you’re probably effected but this. And what you need to do is, you need to make sure that you gain explicit permission to collect information about them. And not only do you gain their opt-in, but you need to publish and tell them, give them ease of access to that information with what you’re doing with that information. So, are you using that information to bill them? You just have to be transparent about it.

Chris: Part of this thing is this Right to be Forgotten. What is that?

Cordes: So, that’s where data is meant to expire. So, just because you signed up for a dating profile five years ago, doesn’t mean that that site gets to keep your information.

Chris: Okay. So, how do companies here in America deal with it and should they be preparing for something like this to happen in America within the next year?

Cordes: So, first off all, the way that companies are dealing with this, the European Union, the regulating agency, is actually is providing a tool kit for companies to make sure to publish that they’re collecting information about you through cookies or the behavior you’re doing on their sites. And you can go to their website, and we can post a link to that at the bottom of this video, and you can download it. It’s a combination of java script. So, you may have noticed some of the websites you have gone to, over the last several weeks, and today, may have, as soon as you go there, a little banner at the top that says, hey, this website uses cookies. If you close this banner, you’re opting into using our website and understand that we’re collecting information about your behavior on this site.

Chris: Alright, anything else we need to know?

Cordes: I think what’s important is just to run through a few things. So, the whole idea of this is to protect the citizens personal information right? When we say personal information, what we mean is their name, their address, their photos, and sometimes it even means their IP address. So, what is the IP address of their router at their house or what not. And especially if they’re using that information to connect you to an account where all the rest of your information might be stored, like your biometric data or your DNA data, whatever it could be. So, you wanna make sure that you ask people to explicitly opt-in to your ability to collect data about them. And if not, you may not be able to grant them access to your site. Because the fine is pretty huge, it’s up to five percent of your revenues. Which could be enormous. Already today, Facebook and google, people have already taken them to court in the European Union and their fines could range as much as seven billion dollars because they’re saying they’re not complying with this. It’s a pretty big deal. You wanna make sure that you give people easier access to their data. For example, if you’re collecting information about people on your website, if you don’t have the ability to allow them to log in and delete their data, you may wanna try using a third-party tool. Say, for example, you’re collecting information about them, well instead of storing it in your website data base, why not store it in your constant contact account? It’s a very cheap way to store the data and constant contact when you send out your newsletters, already has a place where people can opt-out or they can delete the data that you store about them. So that’s a really cheap way of dealing with this. And then take a look at your policy. You wanna make sure that your privacy policy conforms to the GDPR rules that are publicly available, you can go and check them out. And then…

Chris: There’s that!

Cordes: There’s that! Exactly.

Chris: Alright, well thank you very much. I feel a little bit smarter and if you have any more questions concerning this, feel free to give us a call at Bake More Pies in Tampa, Florida. Cordes Owen is the expert on this, and I’m just the guy that has great fashion sense. I’m Chris Fisher, have a great day.

Cordes: Thanks everyone!

Leave a Reply