What GDPR Means for Brands


June 19, 2018


Courtney Acuff

VP, Solution Lead, Channel Program Design & Data Services

As a Solution Lead in the Ansira Channel business unit, Courtney is focused on designing and developing partner programs for today, and tomorrow, while also leveraging the data and insights from hundreds of partner programs across automotive, technology, retail, insurance, and QSR verticals for client-specific decisioning and aggregate program trends.

The General Data Protection Regulation (GDPR) is a reminder to brands that protecting personal data is a serious business. The global rule, which went into effect on May 25, 2018, governs the way companies process the personal data of European users. Brands that don’t comply can face a hefty fine of up to 4% of global revenue.

For any e-commerce company or brand that sells goods and services internationally, GDPR has an impact on data collection. Ansira breaks down the basics.

Brand Reality
In the aftermath of the Cambridge Analytica scandal, there’s plenty of hype and fervor around the personal data brands collect. However, even with GDPR, brands can still practice the same level of data retrieval they’ve had in the past. The only real difference now is that users have to consent to it — and have to be given greater transparency and the right to have that data removed.

GDPR boils down to these three things:

Consent: Brands are required to provide comprehensive up-front notifications about how personal data is being collected on their websites. Most brands demonstrate their GDPR compliance with pop-up windows that ask users for their consent.

Transparency: Brands have to explain personal data use in ways the average person can recognize and understand. Pages of legalese or confusing wording won’t cut it. The pop-up windows must also tell users where to go on the brand site to find their data and give them the option to delete it.

User rights: Companies must honor user rights to delete personal data. The brand has 30 days to respond and comply. If they don’t, this is where the hefty finds come in.

User Reality
From a data-collection standpoint, users won’t notice any sudden change online, other than the pop-up windows asking for their consent. For users who want to delete their data, the process is like disputing information on a credit report. They simply follow the guidelines set forth on the brand website and then wait the requisite time for the issue to be resolved.

Brand/Agency Role
Brands must be sure their marketing or advertising agency understands the intricate nuances of GDPR as it pertains to user experience, website development, and other relevant online activities. Because most public websites are accessible to European users, GDPR is a reality that must be handled with full compliance.

Although many brands are still in the midst of evolving their policies, time is of the essence. It won’t take long for a company to be slapped with strict penalties for noncompliance, just to make an example. The burden of responsibility is real — and falls on any company that collects personal user data.

Get Intel From Ansira

Share This

More Articles Like This

Instagram vs. YouTube: The Ongoing Battle for Video Dominance

Social Media

Instagram vs. YouTube: The Ongoing Battle for Video Dominance

We’ve witnessed some epic battles of customer choice over the years. With the launch of IGTV, Instagram turns up the competitive heat on YouTube.

Read More
How Brands Empower Channel Partners to Market Locally

Ansira Edge

How Brands Empower Channel Partners to Market Locally

A through-channel marketing automation (TCMA) solution helps national brands support channel partner marketing at the local level.

Read More
3 Different Approaches to Co-op Advertising

Brand to Local

3 Different Approaches to Co-op Advertising

Getting the most out of a co-op advertising account depends on a variety of factors, such as budget and resources, but the right strategy can make a big impact.

Read More