The government is watching you…
Before diving into the specifics, I want to answer a potential question of yours. “Is it really necessary to bring up GDPR again? Who’s really keeping tabs?” Well, the authorities are keeping tabs and if your company is not complying with GDPR legislations, the fines are quite hefty.
Besides that, if your brand is active on social media, it’s good to remain mindful of GDPR guidelines, especially in a time where social media channels are under fire with regular media reports about personal data leaks (we’re looking at you, Mark Zuckerberg). So, to answer the question: yes, we think it is quite useful to talk about GDPR again.
From legal talk to normal language
To guide you as a brand, Facebook, LinkedIn and Twitter each have dedicated pages covering GDPR extensively, but, let’s be honest, they’re not exactly written in layman terms. That’s where we come into the picture.
We’re not going to break down all the specifications about cookies and email consent, but we are going to outline the most important things to be mindful of as a brand on social media. In short, three things: social media competitions, custom audiences and working with third parties.
Making sure your brand is on the winning side
We love occasionally organizing a social media contest for our clients. Whether the prize is large or small, whether it goes via a Facebook Messenger chatbot, Instagram Stories or even with an offline twist, we love challenging audiences in a creative way, giving them the incentive to engage with the brand.
However, when organizing such a contest, we always make sure our clients come out on the winning side when it comes to GDPR. When asking for an email address as an entry for the competition, you need explicitly need to ask the consumer for consent. In the case of a Facebook Messenger chatbot, for example, you can quite simply add a consent button. Keeping it simple? Then running a competition asking people to leave a comment on Facebook or Instagram is the way to go. In this case, the social media platform controls the data and covers GDPR for you.
Consent is key
As mentioned above, the social media platform you’re using as a brand mostly covers all consent and GDPR requirements. However, there’s one important exception, in the case of custom audiences and highly targeted ads. If you have any sort of tracking cookies installed to your brand’s website and these are sharing data with, for example, Facebook, you need consent!
So if you’ve got a Facebook Pixel installed and you’re making use of retargeting options or you’re tracking conversion, now is a good time to check whether this is included in the consent section of your website. When it comes to lookalike audiences, the consent part is up to Facebook again. After all, in this case, Facebook is gathering data on consumers you’ve never interacted with.
Are you now wondering what you should do as a brand and what you should leave up to Facebook (or Instagram, Twitter, etc.)? Well, we’ve got your back for this and that brings us to the last part of this blog.
Your agency has got you covered
… Or, at least, they should. At Dorst & Lesser, we make sure to provide our clients with a data processing agreement, if this doesn’t come from the client itself. And this should be the case for any third parties you’re working with. Maybe this blog is a good reminder to open up those administration files and check whether all your written GDPR agreements are in place. Like we said: consent is key and so are written agreements in this case.
Do you have any more social media, GDPR-related questions? Don’t hesitate to contact us. After all, we’ve got you covered.
The government is watching you…