Personalization in the Age of GDPR

When it comes to digital marketing, we know that personalization is key, right? We read about it everywhere, customers want personalization - they need personalization.


personalization digital real-time marketing GDPR privacy law personal information data


But customers also want and need privacy, which is where May 2018’s implementation of GDPR (General Data Protection Regulation) comes in. The new EU law is designed to enable individuals to have more control over their personal information, allowing them to opt for more privacy. So when customers get more privacy, are we still able to personalize? Can personalization thrive in an age of privacy? That’s what we all want to know.

Due to continuing Brexit negotiations, the full scope of GDPR for UK organizations is still unknown, besides from the necessity to comply when handling data of EU citizens, both pre and post-Brexit.

So with laws becoming more strict on the personal information a business is allowed to collect, will personalization die in the new age of privacy?

In short, no. Rather than a threat to personalization, you should view GDPR as an opportunity to become increasingly targeted and to tune into the type of content your website visitors engage with and that adds the most value to their experience.


personalization digital real-time marketing GDPR privacy law personal information data


Enriching your Existing Data in the GDPR Age.

An inevitable challenge of the introduction of GDPR is going to be sourcing personal data that you are legally able to collect, use, and share, by receiving permission from individuals. You may find it harder to source personal data (any data that makes an individual identifiable) for the purpose of personalization if fewer individuals give consent for the processing of such information, or request their personal information be erased. However, you can and should utilize your existing GDPR compliant data to create highly targeted segmentation groups that leverage the most relevant dynamic marketing content. The development of your understanding of customers and visitors will allow you to continue using personalization successfully while you continue to build your list in the age of GDPR.

Furthermore, getting to know existing customers in this detail will also enable you to understand how to gain consent from individuals to access and process their personal information and continue creating personalized marketing campaigns and content.

Data Hygiene Focus

This is also a good time to consider your organization’s data hygiene practices to ensure that your email list is kept clean, thus decreasing costs and increasing your open and click rates. There is no reason to send to erroneous email addresses, or to subscribers who haven’t opened an email in the last year. If you don’t have a data hygiene strategy in place, now is the time to focus on the processes and the resources required to maintain a clean list in the years to come.

Refining your data hygiene practices will enable you to make adjustments to become GDPR compliant, and it will also help to focus on your active customers and prospects and their contact details in your email lists.

For those debating the subscriber purge it’s important to note that if a subscriber is just deleting all the emails you send them, it’s only a matter of time until they stop seeing your messages altogether. That’s because the ISPs will just move your messages into that subscriber’s bulk folder after they see a pattern of the subscriber deleting your messages.

Build Trust with your Viewers and Customers.

Complying with GDPR will not only prevent you from having to pay a hefty fine when you get caught out, it will also enable you to instill trust in your customers and prospects. If they see that your company is following the newly laid down law, and not placing pressure on them to opt-in, they are more likely to see the brand as trustworthy, making it easier for them to make the decision to opt-in and provide you with their personal information- thus allowing you to continue using and growing personalization within this new age of privacy.

While GDPR is likely to pose some challenges to you, your business, and your personalization process, it will make for a much more effective use of your time and efforts in the long-run.

Losing Contacts doesn’t have to mean Losing Customers.

You may have a long list of contacts currently, some engage, and some don’t. If the ones who don’t engage are lost after GDPR due to not opting-in, it might just save you from wasting your breath, because it’s pointless attempting to engage with people who don’t want to engage with you and your brand. Take this opportunity to focus on the quality of your customer connections, rather than the quantity of them.

A New Era of Content is Upon Us.

Fresh Relevance Strategic Marketing Consultant, Justis Saayman adds that with consumers wanting a more personalized experience across the marketplace and GDPR limiting how and what data we can keep, we now have the opportunity to reconsider our content marketing strategies to make it all more relevant.

Because users will be more selective/considered about giving us more information, we as marketers would need to up our game in terms of the content we provide. This will serve as great personalized and relevant content for use in multiple sections of our marketing campaigns and the better the content, the better the results in areas like conversion rates, SEO, or Social Engagement.

Using Personalization to Increase Data

It’s your job to give the website visitors a reason to hand over their personal information, otherwise, why would they bother? Personal data collection is a two-way street, the individual has to gain something from giving you their information. Make them want to sign up by offering them personalized product recommendations and individual coupon codes if they do. Receiving personalized content as a result of giving their details will also make them less likely to retract their data, which is something that GDPR enables individuals to do freely. You should also use bold Calls To Action (CTA’s) guiding website viewers and making it as easy as possible for them to sign-up. Popovers that prompt signing up when visitors view your website are another great way to make signing up easier for them, encouraging them to do it then and there. Pottery Barn has used popovers well, enticing visitors with an offer of a discount for signing up, and making the process easy with clear instructions and a bold CTA that reads “SUBMIT”. 


popover example pottery barn personalized discount codes


GDPR Best Practices

When it comes down to making your business GDPR compliant using privacy notices, what are some best practices? Privacy policies tend to be long and complicated, and it’s often accepted that most people won't read the documents in their entirety, if at all. This is why GDPR will state that while privacy policies may remain long and difficult to follow, users must be provided with privacy notices at the point of consent or data collection that is concise, transparent, intelligible, and accessible, written in clear, plain language, and free of charge.

Two ideas for best practices of these privacy notices are:

  • The use of layers

Using layering in your privacy notices can make the notice easy to follow for your users by allowing the user to break up the information you are providing them with. Use clear headings, such as “how we will use the information we collect” or “who will be able to access the data we collect”. Follow this heading with a second layer of the basic facts. This could be a list of organizations that will have access to the data, or a list of ways in which the data will be used by you. This needn’t be long but it should be clear and easy to understand. A third layer could be a link for the user to follow if they wish to find out more information, giving them the opportunity to know as much as possible about the way in which their personal data will be used, stored, or shared. Below is a prototype of layering by the ICO.


privacy notice example gdpr marketing personalization best practices


  • Just-in-time Privacy Notices

This is when relevant information is displayed to the user as a pop-up or hint when they engage with a data field. This is a good way to provide a privacy notice to your users because it notifies them as they are about to provide their personal data in the field selected. Therefore, if the notice pops up they will see before they enter their data, why they need to provide the information, how it is going to be used, and by whom. The ICO uses a gif of just-in-time privacy notices as an example, shown below.


privacy notice example gdpr marketing personalization best practices


Find out more about making great privacy notices here

Personalization Without ID

While GDPR might make it more challenging for you to build your email list, there are still website personalization tools that you can put in place to engage with your visitors without needing to collect and store their personal information. Countdown timers are one way you to excite your visitors and use time pressure to encourage sign ups or purchases. Wiggle has used countdown timers on the homepage of their website, allowing them to use real-time dynamic content without requiring visitors' personal information.


countdown timer personalization gdpr


To make your website more engaging, use weather to incorporate real-time weather forecasts into your website content, and relating it to your brand and products. Popovers are another way you can engage with your visitors without needing their information to start with, they are also good for encouraging people who haven't signed up already to do so. Garnet Hill has used a popover well to offer visitors a discount as a reward for signing up. This is another example of dynamic content that can be used without collecting and using your visitors' personal information.


popover marketing dynamic real-time content digital personalization


Want to learn how Fresh Relevance can help you personalize alongside GDPR?

Contact Us →  


08/04/2017 How-tos