Location and Data Privacy: What GDPR means for Advertisers and Publishers
One of the biggest issues as it pertains to data privacy – a hot topic right now, with General Data Protection Regulation (GDPR) – is location tracking.
While it’s effective for advertisers to be able to track their target audience online and via mobile devices, location tracking presents its own set of challenges. First and foremost: GDPR is making it more difficult for businesses to get the data they desire.
Let’s dive deeper into location tracking and take a closer look into what this means in terms of the latest data privacy regulations.
What is GDPR?
But before we get started, let’s do a refresher on GDPR. It’s a regulation which states that a person’s “personal data” can only be used with their explicit consent. “Personal data” is any data that can be used to identify who a person is, such as their location.
GDPR can affect how digital marketers go about tracking their users. Marketers can’t hide from GDPR – they must address it head-on.
What this really means is that advertisers need to put their consumers first when it comes to their marketing strategies. Users must give consent in order for businesses to use their personal data.
How does GDPR affect marketers and businesses in terms of location tracking and privacy?
Now, the nitty gritty. Personal data and track their location while they are using the website or app (or even when the app is not in use but is downloaded on their personal device).
As long as users give consent, their data can be used. But if users do not give consent, businesses cannot use this personal data at all. This means organizations need to get extremely organization in how they manage their data, and how they communicate to customers. Location tracking complies with GDPR as long as it is only used if users give consent. The location data can be a great resource for brands and advertisers to target users who are located in certain areas. But there’s a catch: location tracking is only GDPR-compliant if the data used is anonymous.
This means that only more generalized data, including cities or regions can be used, rather than a user’s address or exact location.
While this makes it more difficult for advertisers to target users in specific locations, it isn’t a deal breaker.
Using a person’s general region to target advertisements rather than their specific address shouldn’t make or break the location-based ads that a company uses.
Special data privacy laws in California
California is the only state in the U.S. to make new laws similar to GDPR. Last September, the governor of California signed into law an amended version of the California Consumer Privacy Act of 2018, also known as the CCPA.
In a nutshell, this act grants consumers extensive rights to control the personal data they share, though it differs from the GDPR.
While the GDPR protects “personal data” and defines it as “any information relating to an identified or identifiable natural person,” the CCPA protects personal information “that identifies, relates to, describes, is capable of being associated with, or could reasonably be linked, directly or indirectly, with a particular consumer or household.”
The GDPR does not focus specifically on the sale of personal data, while the CCPA does.
Essentially, the state of California is the first state to enact such a law, and we wouldn’t be surprised if more states followed suit. So it’s important to keep in mind that it is better to be safe than sorry when it comes to providing your users with the right to consent to their personal data being used.
And if they do not consent, just don’t use it.
How MatchCraft protects your privacy
MatchCraft protects your privacy by keeping all of your personal data secure and retaining your information only when there is a legitimate business need for it.
We value our users and we believe that open communication about issues such as GDPR is how we can retain your trust in us. You can read more about how we protect your privacy at MatchCraft by visiting our Private Policy page.