The General Data Protection Regulation (GDPR) has been a bit of a headache for everyone, especially for marketers, and not only businesses that operate within the European Union, because it concerns all organizations that provide services to EU citizens. Overwhelmed by all the legal and technical jargon, and not sure where to start? We've got your back. In this article we will go through the fundamentals you need to know, including resources to cover the legal basics, GDPR compliant data collection, as well as how to keep your cookie banner in sync with your website and corporate identity.
If you're finding it difficult to stay on top of the everchanging requirements for GDPR compliance, you'd be pleased to know that our in-house certified data protection officers cooperate with external legal experts to update our policies on a regular basis to ensure that your website stays up-to-date with the latest legal regulations.
Let's take a look at a few terms that would be relevant to digital marketing:
Data subject refers to any individual who can be identified, directly or indirectly, via personal data.
As defined in GDPR Article 4(1), personal data are "any information which are related to an identified or identifiable natural person". This means any identifying information being collected on an online user is considered personal data. This information can be a name, an e-mail address, a number, IP address etc. - any data that can be linked directly or indirectly to a person’s identity, as well as any information about a person’s financial, social, physical, mental, or cultural identity.
All third-party cookies that are used for identifying ideal customers, creating compelling and relevant content, as well as building more effective marketing campaigns by collecting personal information such as their age, gender, location, interests, as well as their behavior on your website, search engines and social media. Some common examples are Facebook pixel, YouTube cookie, and Google Adwords cookie.
Ultimately, in order to comply with the GDPR regulations regarding third-party cookies, digital marketers can only use personal data that has been collected with consent. However, "necessary" cookies do not require consent, these are cookies that are essential to the functionalities of your website or app, or fall under what the GDPR calls "legitimate interest".
"Legitimate interests" generally apply whenever an organization uses personal data in a way that the data subject would expect, which includes their (or a third party's) commercial interests under the following conditions:
For more on legitimate interests - check out our blog post dedicated to the topic.
Being able to learn about your website visitors' behavior is vital to marketers' ability to target potential clients. The GDPR requires website visitors to opt-in, or give explicit consent to the use of their personal data. Any data that the TRUENDO Consent Management Platform is able to collect, can be used while remaining fully compliant with data privacy laws.
You can access the valuable information collected in TRUENDO's statistics dashboard - Insights. User consent data and privacy preferences are also displayed in an easy-to-manage consent records dashboard, where you can search by user ID or date range, allowing you to prove compliance with ease.
Operating a company internationally? No problem. TRUENDO is now available in 31 languages, so the banner and widget would be displayed in the language of your visitors' browser. TRUENDO's Geo-Control feature also allows you to choose whether your website displays the TRUENDO CMP only in EU countries or worldwide.
The color scheme of our cookie banner and privacy widget, as well as button colors and size can be changed to match the corporate identity of your organization to maintain a seamless look on your website.
DISCLAIMER: The contents of this website are intended to convey general information only and not to provide legal advice or opinions. The information presented on this website may not reflect the most current legal developments. An attorney should be contacted for advice on specific legal issues. The implementation of a data protection law compliant Consent Management Platform (CMP) is ultimately at the discretion of the respective data protection officer (DPO) or legal department.