GDPR and Your Marketing Funnel: The Complete Guide
For months, I’ve started work every day, by opening my laptop, and reading about GDPR.
First of all: don’t look at me like that, I don’t need your pity.
Second of all: I get it now.
In that, I will forget my own name before I forget the requirements for legally obtaining consent.
Years and years from now when none of this matters—when we can all teleport, and our consciousness will be uploaded to the cloud anyway—if you ask me: “Mac—in 2018, were persistent cookies considered personal data?”
I will remember.
I will know.
I will die knowing.
But here’s the thing. I’m a copywriter, and a marketer. I build brands, and funnels. I try and write the words that make people click the buy button.
And what it took me a while to figure out is: “How do all these new legal shifts affect ALL OF THAT.”
If you’re finding yourself on this article, I’m assuming you’re wondering more or less the same thing.
So I’m going to break it down: how your marketing funnel should look, in the post-GDPR world.
Here, I’ll go through the most common tactics you use to attract a potential lead. I’ll go through your email nurture sequence, your conversion push, your upsells, and the methods you may use to try re-engage your customers. And I’ll explain what you need to consider, every step of the way, once GDPR comes to force on May 25th.
(We all better be).
Before we start, there are a few core GDPR principles that you should let soak in. They’ll govern pretty much every other piece of advice I give in this series.
There are new standards now for processing personal data. In most cases, you’ll need consent to do so—and the rules for what “counts” as properly given consent, have changed.
Under GDPR consent must be:
- a statement or clear affirmative action
- freely given
We’ll go into more detail about what exactly these mean—but the main thing to note here is, you probably have to do more. Your prospect needs to know more about how you’re using their data. And they have to be more explicit about allowing you to use it.
The definition of what personal data is has expanded a bit under GDPR. Things like cookies, which in the past, only required “opt-out” consent—now require “opt-in.” IP addresses, zip codes, and any unique identifiers—they’re all on their way to requiring an “OK.”
Here’s a list of some of the things that are now considered personal data.
- Full name (if not common)
- Home address
- Email address
- National identification number
- Passport number
- Vehicle registration plate number
- Driver’s license number
- Face, fingerprints, or handwriting
- Credit card numbers
- Digital identity
- Date of birth
- Genetic information
- Telephone number
- Login name, screen name, nickname, or handle
- Unique identifiers like Device IDs, UserID, TransactionID, CookieID
- Pseudonymous data (that’s unrecognizable data + key on different spot to make it readable again)
Congratulations: in understanding two concepts alone, you know more than a terrifying amount of marketers on GDPR.
Now let’s really show ‘em up: