If you do business with prospects and customers in the European Union (EU), understanding and complying with the General Data Protection Regulation (GDPR) just became essential. Here’s what you need to know about it, and how it could impact your Facebook Ads strategy.
General Data Protection Regulation and Facebook
GDPR is part of an EU law designed to increase data protection and ensure greater privacy for people living in the EU. Specifically, GDPR contains guidelines for the export of personal data outside the European Union.
If your business must comply with GDPR, your data collection and use practices must be more transparent than ever. Plus, you will not be able to collect or use consumer data without their express consent.
GDPR empowers consumers when it comes to their personal data. They now have the right to know about data breaches, to know what data you have on them, and to be forgotten by your business systems if they don’t want you to have their data.
Then there’s the matter of the fine. Fail to comply with GDPR, and you could be fined 4% of your global annual revenue. That’s nothing to sneeze at.
How do you comply?
- Review the GDPR FAQ page and Facebook’s release [The release will show you how their compliance works, and give you an idea of how it may affect you as an advertiser.]
- Inform your prospects: make it clear which data you’re collecting, what you do with their data, and who will see their data.
- Make sure you have a relevant legal basis for having and using the data (legitimate interests, consent, or contractual necessity).
- Complete your compliance requirements by May 25, 2018.
[HAVE QUESTIONS ABOUT GENERAL DATA PROTECTION REGULATION? CLICK HERE]
As you can imagine, businesses are rushing toward compliance ahead of the deadline. Facebook is a massive controller and processor of personal data. So if you do business using Facebook Ads, it’s likely to be affected as they comply with GDPR regulations.
In general, Facebook is aiming for greater accountability and transparency regarding the data they obtain and how they use it, so their users have more control over the collection and distribution of their personal information.
Many Facebook advertisers will need to implement new practices to obtain consent, including:
- Retail websites collecting data for ad targeting
- Bloggers who use cookies to gather demographic info about their readers
- Businesses that use Facebook Pixel for conversion and retargeting data
PRO Tip: Instagram, WhatsApp, and Messenger are owned by Facebook, so your advertising and data collection strategies on that platform will become general data protection regulation compliant, too.
So what do you do now?
If you haven’t already, make data collection, sharing and use information public, and start acquiring consent. You can do this using a cookie bar, or by asking for consent when people sign up.
If you upload Custom Audiences to Facebook using a data file, you can use the Custom Audiences permission tool to keep that process GDPR compliant. If you use Lead Ads on Facebook, just follow their instructions to link your lead ad to your privacy policy, so you can inform users of your data practices, and collect their consent, in real time.
Even if you don’t do business in the EU, transparency around data is essential to building trust with your users. And the more a customer trusts you, the more loyal they’ll be to your brand (and your products).
[Have questions about data or privacy? Ask our experts!]