With GDPR coming into effect in just over 2 months, it is more important than ever to ensure that all your activities are fully compliant with the new regulation. For those who are not familiar with it, GDPR is a European regulation aimed at strengthening and unifying data protection for EU residents, which will come into force on May 25th.
We all love personalized experiences: they make us feel special and important. They also ensure that we have a smooth experience with the interface and software that we are using. This, however, has important implications. In order to provide a personalized experience to your customers, you need to collect data about them. And this falls under GDPR. How do you ensure that you can provide a unique experience to each of your customers, without overstepping the boundaries of the new regulation? Consent is the magic word.
How to deal with consent in website personalization and email personalization.
Website personalization can be a powerful way to customize content and improve conversion rates. However, it relies on visitors giving cookies consent, which needs to meet the requirements of the ePrivacy Directive, which is part of the soon to be released ePrivacy Regulation, another European Regulation on Privacy and Electronic Communications that aims at reinforcing trust and security by updating the legal framework on ePrivacy. A cookie consent plugin bar is always required, in order for tracking of cookies to be legal. This way, visitors can agree to the retrieval and storage of their personal information.
Depending on where you are based, not complying with cookie law can result in different enforcement actions from the authorities. In extreme cases, this can mean fines. If visitors do not give consent, you can’t legally extract the data and personalize your website information.
Therefore, it is important to be transparent in the cookie consent request to convince them to agree to be tracked. This, however, does not mean that you can’t be creative. A beautifully designed pop-in can make the difference between someone giving consent or not. You also need to be careful with the wording of the message. You only get one chance at this! It’s either in or out. And you want your visitors to be in, to provide them with the best possible interface experience.
You may want to run A/B tests to try out the optimal “generic” site to show to anonymous visitors, i.e. those who didn’t give consent for cookies tracking, and designate some business rules around users who give consent to be tracked via cookies. For example, you may find out that French users like to navigate in this flow, while German ones follow that flow… etc.
Personalization for email can be based on several types of data, and the way you ask for consent varies depending on it.
- Data collected during the sign-up process
It’s more important than ever to ask for consent the right way when building a contact list. To be compliant with GDPR, you need to provide transparent and clear messages on how the data you’re collecting is going to be used.
Specifically, in terms of email content personalization and frequency of sending, it is recommended to ask:
- What type of information they would like to hear from you – i.e. about events, products, tips, tools, etc.
- The preferred frequency of communications
- Behavior Data
Behavior data includes opens and clicks of past emails, purchase history, and site engagement.
At this point, contacts are likely to have given you their consent already, so you can focus on giving them the best, personalized experience.
In this case, email personalization can be done by updating contact lists with additional information, segmenting contacts based on these attributes and A/B testing for different segments. One important thing to look out for is the size of the list/segment, to yield a statistically significant winner.
- Contextual Data
Contextual data can be, for example, about the weather of local news and events. There could be timely occasions to personalize the content based on specific locale, for example, if a snowstorm is forecasted to be hitting the UK, you can send out a campaign to a list of UK-based subscribers about warm jackets, hot cocoa… etc. A/B testing visuals, body copy and subject lines in your email campaigns are also very important when personalization is based on this type of data.
To sum up, personalization is fundamentally based on collecting personal data. We all love a personalized experience, but there are implications to it that can’t be underestimated. So, to ensure all your practices are GDPR compliant, make sure you ensure that you obtain consent appropriately.
Need more information about GDPR? You can find answers to all your questions here.