What does the GDPR really mean for marketers?
To build truly great experiences, marketers need to know how, when, and why shoppers want to be engaged. The way we view it is if the GDPR helps you deliver the type of marketing your customers want to see, that's only a good thing. This is why we believe that companies worldwide should aim to comply to GDPR or similar data protection standards.
Behind all of the hoopla, the GDPR mostly just comes down to two big things:
Clear, unbundled, and unforced consent to use personal data
The right to to access, edit and delete personal data
The days of throwing people onto one big marketing list where you send everything to everybody are long gone. We've been arguing against lists for years and since the arrival of the GDPR it has become more important than ever to switch to a single customer view approach.
In brief, you need to ensure the data you collect is;
We use Pathfinder Cookies, which sets a first-party cookie in order to anonymously identify when users return to specific websites. Pathfinder uses the information sent with this cookie to store a history of website pages visited in a user’s session, to help target customers with relevant ads/services and or emails. This data will not be used to associate any part of your identity, anonymous or not, with any other data held by Pathfinder.
Deleted after a reasonable period of non-use - Pathfinder deletes anonymous tracking records after 6 months.
Opted-in. Your customers should clearly opt-in to cookies upon first use of your site (and after any additional tracking or data is collected from them). Your e-commerce store should give the option to display a cookie opt-in box. Ask them how to link your Pathfinder cookies to this. You should not allow your users to dismiss the cookie box without either selecting accept or reject.
Not collected at all if the customer exercises their 'right to object' - if your user does not want to be tracked anymore, they can contact you. You must then manually delete their record from Pathfinder and if you have a cookie opt-in and opt-out box, this will then prompt them at their next visit, where if they decline, they will no longer be tracked.
Available for the customer to see, and take to another service, within a certain time frame if they submit a 'Subject Access Request' to you - when you receive a subject access request, you can export the contact data via CSV.
Erased, within a certain time frame, if the user submits a 'Right to erase' - You must then manually delete their record.
Note that you may have customer data in other platforms which will also need to be considered.
If you want more help in being data compliant, consider using the data protection mode, available to all Pro subscribers.