Will Blunt is the founder of Sidekick Digital by Will Blunt - B2B Marketing Expert - Sidekick Digital, a publishing business that launches, manages, and grows brands with content marketing.
Disclaimer: This article is not legal advice. To ensure your business and website is GDPR compliant we recommend you speak with a qualified legal professional.GDPR is here and everyone is frantic...
For most businesses, there is still some confusion about where they stand, what they need to do, and if the steps they have taken up until now will satisfy the new regulation.It’s frightening when you’re left in the dark about something that could have a significant impact on your business and livelihood.But don’t panic. While on the surface the GDPR looks like an overly complex restriction on the way you conduct business in an online world, we believe it is a step in the right direction.So, if you capture, manage, and use the personal data of people in the European Union (EU) I bet you have a ton of questions on your mind about what GDPR means for lead generation.This article will answer the most common (and important) questions that businesses have about GDPR and lead generation.
I’m not based in the EU, does GDPR affect me?
The short answer is yes… but it’s complicated.If you own a burger shop in the heart of New Zealand, and your only means of capturing a customer’s personal information is by entering it manually at the point-of-sale, then you’re probably good. GDPR won’t have much of an effect on you.However, if you run a website that tracks or captures any personal information from residents of the 28 EU countries, then you need to make sure you are compliant. This data capture may be as simple as having a Google Analytics tracking code installed on your website. So, yeah, it affects a LOT of businesses.
What type of data does the GDPR cover?
The GDPR is specifically focused on governing “personal data”.Here is what the European Commission defines personal data as:
Personal data is any information that relates to an identified or identifiable living individual. Different pieces of information, which collected together can lead to the identification of a particular person, also constitute personal data.”
Examples of personal data include:
- a name and surname;
- a home address;
- an email address such as email@example.com;
- an identification card number;
- location data (for example, the location data function on a mobile phone);
- an IP address;
- a cookie ID;
- the advertising identifier on your phone;
- data held by a hospital or doctor, which could be a symbol that uniquely identifies a person.
Note: Company information is not considered “personal”, such as registration numbers and generic company emails.
How does GDPR affect lead capture?
Perhaps the most affected parties when it comes to GDPR are those businesses who capture leads online; be that via their website, on social media, or through other channels.Say, for example, you have an opt-in form on your website for a weekly newsletter. Or perhaps you collect email addresses and contact information in exchange for a free resource, such as a white paper. These lead capture forms will now be governed under new regulations for any website visitors who reside in the EU.The method for capturing leads, be it a landing page, quiz, contest, popup, calculator, or something else, doesn’t matter. If you are collecting personal information about people then you need to follow the rules.Here are some things to be aware of when it comes to obtaining someone’s consent for lead capture and use.Consent to opt-in to your lead capture forms needs to be:
- Active and ‘freely given’ - Your forms should include an unchecked box that people manually select, alongside a description of how you will use the data you are collecting. See what this looks like below from sales software Membrain:
An example of active and 'freely given' consent on a lead capture form.
- Separate and granular - Your description of how you use the data you collect can’t be generic and bundled into one checkbox. This is not considered an active choice. People must consent to each separate use of their data. Below is an example of this in action as “Communication Preferences” from Close.io:
An example of separate and granular choice for email marketing preferences.
- Non-discriminatory - People shouldn’t be penalized or disadvantaged if they choose not to consent.
One thing is for certain, for any business that collects, manages, and uses personal data in the EU, GDPR will change the way you capture leads. But you don’t have to view it as a negative thing. After all, you are capturing leads that will hopefully become customers, so giving your customers a choice about how you use their data is a good thing. It builds trust and, in many cases, improves the quality of the leads you collect.
What does GDPR mean for pixels, cookies, and tracking codes?
An example of a 'Cookie Consent' website banner.
How do these changes affect our email marketing strategy?
On top of capturing cookie information on your website, the GDPR governs the way you collect, manage, store, and delete personal information in your CRM or email marketing software.Here are three important things to be aware of when it comes to your email marketing strategy:
- You need to gain active consent from current contacts in the EU (Note: This should have been done prior to the May 25 deadline, but it’s better late than never!). As well as gaining consent from future subscribers, the GDPR requires that businesses gain active consent from their current EU subscribers too. The easiest way to do this is to segment your subscriber list by geography and send a GDPR consent email to those that reside in the EU. Below is an example of an email for this purpose from the SEO tool Mangools:
An example of gaining active consent from EU email subscribers.
- You need to keep a record of the active consent of all EU subscribers to your list. This is one area where a “double opt-in” can be helpful. While it’s not considered mandatory under the GDPR, sending a confirmation opt-in email to all new subscribers with a link that obtains their active consent to receive messages from your business will ensure you are compliant with the need to record the consent of individuals. It’s also effective for cleaning up your list and improving the quality of your subscribers.
- You need to understand how to delete personal data for users if they request it. Under the GDPR, if an individual from the EU contacts you and asks for their personal data to be deleted from your system, then you need to comply. This isn’t always a simple process, depending on your CRM or email software. So make sure you are aware of how to do this if the situation ever arises.
Does GDPR affect outbound lead generation?
At its core, GDPR is trying to deter companies from misusing the personal information of individuals, as well as giving those individuals more choice with regards to the use of their personal information.Many people believe these changes will spell the beginning of the end for outbound lead generation in the EU - such as cold emails, selling of distribution lists, and other outbound lead generation tactics. (All tactics we don’t recommend at ShortStack anyway!)Because contacts haven’t actively consented to receive information from you, traditional outbound strategies become a bit of a grey area. And it becomes hard for businesses to scale outbound campaigns while still being compliant.We believe that these changes will reinforce the importance of inbound lead generation tactics such as content marketing and social media. So if your business is reliant on outbound tactics for growth then it might be time to re-think your approach.
What should we do about GDPR?
If you haven’t already, you need to take steps in order to ensure your business is GDPR compliant.Here is a summary of the steps you could take:
- Install the “Cookie Consent” code snippet on all of your website pages.
- Put a system in place for recording the consent of your contacts, and become familiar with the process for deleting user information from your software of choice.
Are you all set for GDPR so that it won’t affect your lead generation efforts? Disclaimer: This article is not legal advice. To ensure your business and website is GDPR compliant we recommend you speak with a qualified legal professional.
Try making a free contest or promotion to gather leads from your social media.
Get Started Today. No credit card required. Risk-free.
Recent postsGo back to blog
Are you ready for Gmail and Yahoo’s New Email Sender Requirements?
In an effort to improve security and the over-all experience of email recipients, Gmail and Yahoo have implemented new requirements for bulk senders. Learn what they are and how to stay in compliance with this quick read.
Everything You Need to Know About Query String Parameters
Learn how you can use query string parameters in your next entry form to collect better data and engage users.
Get productivity tips straight to your inbox
Launch an irresistible giveaway. Get started for free.
Join 630.000+ marketers that are boosting engagement and sales.