At the beginning of April, I saw the following post from fellow SEO expert Andrew Holland on LinkedIn talking about SEO and GDPR.
Andrew’s post raises some key points about marketing in the GDPR world. Many businesses, especially those who have been reliant on poor quality or spam marketing, are going to have to adapt.
And how will GDPR affect future marketing approaches?
Plus, of course, where does SEO sit in the GDPR world?
What is GDPR?
Firstly, let’s look at GDPR and what it means.
GDPR stands for the General Data Protection Regulation, which was launched two years ago and comes into force on 25th May 2018.
It applies to every business that holds, collects and stores information about EU citizens that makes them personally identifiable, even if it’s just their name, email address or computer IP address.
GDPR also covers if/how we give data to third parties such as web developers, virtual assistants, web hosts, email marketing providers, analytics providers, plugins installed on our websites and more.
The aim of the regulation is to protect people’s privacy and ensure that data that could personally identify them is held and used in an ethical way, and that it is disposed of in a timely and correct manner too. This includes giving people the ‘right to be forgotten’ and to have their data fully erased.
The regulations require that data is “collected for specified, explicit and legitimate purposes and not further processed in a manner that is incompatible with those purposes”.
Previously, each of the EU countries have had their own privacy laws. GDPR is about unifying data protection laws for a single, consistent approach. It’s also about bringing data protection into the 21st century.
Even when/if Brexit is finalised, the GDPR will be incorporated into UK law and will still apply, especially if you want to do business with anyone in the EU.
If you run a business then GDPR is something you need to know about and act on.
Personal data as a commodity
Why is data protection such a hot issue?
Everything we do online leaves a digital footprint. In May 2017, The Economist called personal data ‘the world’s most valuable resource’, even rating it above oil!
Companies (maybe this includes your own) track the searches we make, the websites we visit, the things we buy, the phone calls we make, the photos we take, where we go and much, much more. This helps to build up an understanding of buyer behaviour, making it easier to sell to us.
And because all this data is so valuable, it’s also a target for theft and misuse.
According to UK Government statistics, nearly half of all UK businesses suffered a cyber breach or attack in 2017.
The joint class action against Facebook, Cambridge Analytica and two other companies for allegedly misusing the personal data of more than 71 million people to develop ‘political propaganda campaigns’ highlights that data protection isn’t just about cyber-attacks, fraud or identity theft – it may also be used to influence opinions and shape the very fabric of modern societies.
Beyond the scary headlines
There have been a lot of headlines about the potentially massive fines associated with GDPR non-compliance. Worst-case scenario figures such as €20 million or 4% of annual turnover are daunting for any business.
Couple this with misinformation out in the public domain and it’s tempting to panic about the impact GDPR will have, especially on small businesses without extensive resources.
However, I think we all need to take a calming breath and look beyond the hype.
One of the most reasoned explanations of GDPR I heard recently is that it really just tightens up and consolidates the data protection regulations already in place.
GDPR is about gaining ‘active’ consent from people about capturing their data rather than relying on implied consent or expecting people to opt out of data capture.
The GDPR says that you must use plain language to tell people who you are when you request their data, as well as:
- why you want it
- how long you’ll keep it
- what you’ll do with it
- who will receive it
Businesses that are collecting customer data in a responsible way with a clear opt in and information about how they will use the data probably don’t have too much to worry about (although you should understand how GDPR will affect your business and be proactive about compliance).
This article isn’t about how you become compliant with the GDPR though. Instead, I wanted to explore why SEO and other GDPR-compliant marketing approaches will be even more important from May 2018 onwards.
How GDPR may effect marketing and data capture
Recently, Smart Insights asked their members whether their companies were GDPR-ready – only 6% responded that they were! Sixteen percent said they don’t even know what GDPR is.
It’s clear that there’s still a lot of work to be done.
Many business owners are currently trying to work out what the GDPR means for their company, especially in terms of marketing and capturing/using data for current and potential customers.
- Will long-established mailing lists have to be deleted?
- Or, at the very least, will masses of customers decide not to opt back into mailing lists if/when prompted to confirm their ongoing consent to be contacted?
- Is it still OK to get people’s sign-up details in exchange for a lead magnet?
- Is Google Analytics GDPR-compliant?
- Will we be able to hang on to the contact details of previous clients and contact them with special offers?
These questions and more are being asked time and again, often receiving different answers, depending on who’s answering the question.
Without a definitive, plain language list of obligations for each type of business, GDPR will herald a period of uncertainty as everyone tries to work out what applies to their organisation.
This means that companies are likely to look for ways to attract new business that are less reliant on data capture and lead magnet marketing in order to risk falling foul of the GDPR and associated fines.
As Andrew Holland said in his LinkedIn post that I referenced at the beginning of this article, businesses may turn to Google AdWords or Facebook advertising to target and bring in new customers. But, with growing competition for keywords, the prices will soar. There is also some debate about how the GDPR will affect these two PPC advertising options.
SEO may be a safer investment.
SEO and GDPR-compliance
Search engine optimisation will potentially be one of the best and most effective ways to market your business once GDPR comes into effect because, in many ways, it is already GDPR compliant.
As we’ve explored in numerous previous blogs, the ranking signals that search engines look for when creating search engine results pages (SERPs) are all about relevance and best answering the searchers’ queries.
Simple steps can help you bring more customers to your website and, in turn, attract more enquiries, bookings and/or purchases WITHOUT marketing to your mailing list.
Think about the following:
· Meta data
A strong meta title and meta description should reflect what visitors will find on the web page and show how your content will meet up to the reason for their search.
If you can write each meta description as a compelling call to action, it should bring people to your website from search engines. It’s your opportunity to say, “Click on me instead of anyone else”.
Short, targeted keyword-rich URLs also help to signpost what each page is about to your website’s visitors and show the relevance of your content, bringing in more traffic.
They also make it easier for people to make an educated guess about the address of a web page on your site without having to search for it. According to SEMRush’s Ranking Factors Study 2017, direct website traffic – i.e. traffic where the source or referrer is unknown or the visitor has typed in the company URL – is the most important ranking factor. This beats dwell time, bounce rate, backlinks, content length and more.
· Crawlable pages
If you use text that search engines can read, as well as images and videos or embedded properties with relevant alt tags, it will help search engines to rank your web pages and bring in a relevant audience who want to buy what you sell.
· Clear headings
Headings and sub headings that reflect what your content is about are essential to help visitors identify what a web page is about. If people can see at a glance that they’re in the right place, they’re likely to stay on a page for longer, lowering the bounce rate and upping the dwell time. These are both important ranking signals.
· Intelligent use of keywords
As I discussed in a recent blog, artificial intelligence (AI) is shaping SEO, not least in how we use keywords. It’s crucial to intelligently employ primary, secondary and related keywords throughout your content to show its relevance to a specific topic to search engines.
If you can do this, it will help search engines to return the most relevant results in searches, especially in the context of voice searches through virtual assistants such as Google Home where the top result is often the only one searchers hear.
· Website security
Google recently announced that, from July 2018, a ‘NOT SECURE’ notification will pop up on websites that are HTTP rather than HTTPS.
Changing the security certificate of your website to HTTPS is an effective way to show that you value the online security of your web visitors. It is also likely that non-secure websites will drop in rankings moving forwards with priority being given to secure sites.
Under the GDPR, you will also need to update your cookie and privacy policies to capture an active opt in rather than implying that a person gives consent to their details being tracked or captured by virtue of visiting your site.
These are all steps that you can take today to boost the visibility of your business at the same time as cleansing your data and making sure that your mailing list is GDPR compliant.
Other GDPR-friendly marketing options
SEO isn’t the only GDPR-friendly marketing option you have at your disposal. You might also want to think about the following:
· Social media marketing
Social media marketing is likely to become more important to businesses in the GDPR-compliant world.
In many ways, GDPR is about encouraging organisations to create mutually beneficial relationships with their audience, which is a concept that social media is built on.
We already understand that, via social media, fans can unfollow or unlike a business with a single click. Other forms of marketing will be subject to the same rules under the GDPR.
Each of the social media platforms are reviewing and clarifying their position as data processors and data controllers. These are two important distinctions within the GDPR rules.
In the most part though, GDPR is likely to have less of a direct effect on social media marketing than other marketing avenues.
People who follow your social media platforms are actively saying that they want to see your content. If that changes, they understand that they can unfollow at any time. In the meantime, you can ‘speak’ to them via advertising and/or your business profiles without ever holding personal details beyond their names.
A bonus is that social media marketing can have many positive effects on your SEO and vice versa.
Of course, because every business will be looking for GDPR-compliant marketing options, social media marketing may become a lot more competitive.
My advice, as with every other form of marketing and SEO, is to focus on creating relevant and quality content for your audience. Think about how you can give value, be engaged with conversations and genuinely invested in building a relationship with your customers. This is how you will stand out in the marketplace.
· Content marketing
With GDPR coming into force, content marketing is also an important weapon in your marketing arsenal and great for SEO too.
Content marketing is not reliant on data collection. Instead, your focus should be on creating fresh, informative and relevant content that is targeted to your key audience.
This is a fantastic opportunity to demonstrate that you’re an expert in your field. If you can get people to read your blogs and share your content, you can build your credibility in three ways: with your audience, with influencers and with Google.
Content marketing is also essential to attract backlinks to your website. Each backlink acts like a vote of confidence from a third party, and the greater the authority of the backlinking sites, the better for your rankings.
Good quality, relevant articles usually encourage people to stay on a website for longer (increasing dwell time) and read deeper into a website via internal links (decreasing bounce rates). Again, these are two important signals to Google about the quality of your content compared to that offered by other sites.
If you can create content that supports the products and services that you offer, you should find that you attract more enquiries by being seen as an expert and, in turn, make more sales.
Your mailing list still matters
I’m not suggesting for a second that you should ditch your mailing list and forget about lead capture mechanisms such as your newsletter or a free ebook. These are the lifeblood of most businesses.
What GDPR means is that businesses may need to revise, diversify or clean up their marketing strategies.
SEO, social media marketing and content marketing are all areas that are great for boosting visibility and creating customer loyalty without being reliant on capturing data. You may want to develop your activities in these areas while tightening up your data processes.
As an SEO professional, I know that websites are rewarded with higher rankings and greater visibility when they focus on giving value to visitors, creating a great UX, and being ethical.
I believe the GDPR will drive more businesses to build relevant and value relationships with their customers and that this can only be a good thing.
The outcome will be connecting with potential customers who are actively interested in the products and/or services that you offer.
Are you ready for the GDPR? How will the new regulations affect your business, especially your marketing activities? Will you be investing more in SEO as a way to bring in new customers? I’d love to hear your thoughts in the Comments below.
BEFORE YOU GO
Suzanne’s free GDPR Checklist will guide you through the simple steps you need to take to be GDPR compliant and to keep the Regulators at bay.