What Has the GDPR Changed in the World of Digital Marketing?

One of the most valuable resources today is data. The success level of companies is directly affected by the quality of data collection, processing, and storage activities. Commercial gains are primarily due to the correct and compliant handling of data. The question of what is GDPR prepared as the European Union General Data Protection Regulation came into our lives at this point. GDPR means and stands for a new era in digital marketing and the most significant effort to protect personal data. Because every brand or individual providing personal data use has to make sure that the person concerned respects all their rights under the GDPR personal data definition. GDPR or General Data Protection Regulation puts people at the center and underlines that people possess the right to know what data will be used for what purpose and for how long. With this method, it intended to establish a more transparent relationship between consumers and companies.

Perhaps the most notable innovation in the GDPR is the accountability provision, given the need to apply it to each of the European Union member countries. For those who are under the obligation to comply, it can be indicated how GDPR compliance is provided to the provisions of the law, for example, it envisages documenting the decisions taken by those who are under the obligation to comply with the processing activities.

A Closer Look at GDPR

GDPR is a directive that should be followed by all organizations using digital channels in product and service marketing. In the outdated system, the business partner was addressed for collecting, processing, and using the data. Now the focus is on the consumer of the data. GDPR, which entered into force in the member states of the European Union as of May 25, 2018, aims to ensure the security of personal data existing in large institutions and organizations in the member states of the European Union under the rules specified in the regulation. Even if the company does not operate within the borders of the EU, it is held responsible for the law because it collects the data of these citizens. Although the definition of personal data remains unchanged, the GDPR compliance concept affects the future of companies very differently.

What Has GDPR Changed in the Digital World?

When considering GDPR, there is no doubt that there will be severe changes in the global context in particular of data processors. With these changes, we will be hearing more about the privacy of people – a constitutional right in data processing activities. Although it seems costly and frightening in terms of penal terms for those under GDPR compliance obligation, some consider it is a revolutionary arrangement in terms of data processing. It would not be wrong to say that the GDPR has an impact on companies’ data strategies, big data, and innovations based on data.

The US and UK big companies’ cost of GDPR compliance was nearly $9 billion. Nine months after the entry into application of the GDPR, 11 EEA countries had already imposed administrative fines totaling €56 million. Besides the financial picture, brands started to act more cautiously when collecting and processing consumer data. Companies took actions including taking consultancy from law firms, raising awareness within their companies, informing all the business units, investing in permission and consent solutions and updating their external documents and forms to meet the requirements of GDPR. Companies continue to invest in consent management and legal consultancy because the overall compliance ratio still is not high. (42% by the end of 2019)

Which Sectors Are Affected by GDPR?

GDPR imposes various restrictions on companies’ activities such as collecting, processing, and storing personal data of their customers or employees. When evaluated in this context, GDPR first affected the advertising companies, advertisers, agencies, technology companies, and publishers. When processing personal data, companies have to be more careful and cautious from now on. It will not be compliant to process many data details such as name, address, ID number, location, IP address information, cookie consent, physical view data, political opinion, race, and origin information unless specified in the regulation. Without explicit consent, companies can not hold and process personal data.

Companies not complying with GDPR are subject to heavy penalties. GDPR fines of up to 4% of its annual turnover or 20 million euros are imposed on companies that do not comply with the regulation on personal data.

What are the Opportunities GDPR Offers?

GDPR privacy provides important advances in protecting the personal data of consumers. The individual is in the center, and dominance in the user-company relationship enables the individual to address. On the other hand, GDPR also reduces the dominance and influence of large companies and is considered as a regulation that tries to prevent the monopolization of big data. In the digital marketing world, while assuming several responsibilities in terms of data protection, GDPR will also be able to generate more reliable data by providing customer trust.

Cookie	Duration	Description
__cf_bm	30 minutes	This cookie, set by Cloudflare, is used to support Cloudflare Bot Management.
__hssc	session	HubSpot sets this cookie to keep track of sessions and to determine if HubSpot should increment the session number and timestamps in the __hstc cookie.
ct_has_scrolled	session	No description
ct_mouse_moved	session	No description
ct_screen_info	session	No description
pll_language	1 year	The pll _language cookie is used by Polylang to remember the language selected by the user when returning to the website, and also to get the language information when not available in another way.

Cookie	Duration	Description
__hstc	session	This is the main cookie set by Hubspot, for tracking visitors. It contains the domain, initial timestamp (first visit), last timestamp (last visit), current timestamp (this visit), and session number (increments for each subsequent session).
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_ga_VSLBJE6EL5	2 years	This cookie is installed by Google Analytics.
_gat	1 minute	This cookie is installed by Google Universal Analytics to restrain request rate and thus limit the collection of data on high traffic sites.
_gcl_au	3 months	Provided by Google Tag Manager to experiment advertisement efficiency of websites using their services.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
_hjAbsoluteSessionInProgress	30 minutes	Hotjar sets this cookie to detect the first pageview session of a user. This is a True/False flag set by the cookie.
_hjFirstSeen	30 minutes	Hotjar sets this cookie to identify a new user’s first session. It stores a true/false value, indicating whether it was the first time Hotjar saw this user.
_hjIncludedInPageviewSample	2 minutes	Hotjar sets this cookie to know whether a user is included in the data sampling defined by the site's pageview limit.
_hjTLDTest	session	To determine the most generic cookie path that has to be used instead of the page hostname, Hotjar sets the _hjTLDTest cookie to store different URL substring alternatives until it fails.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.
hubspotutk	session	HubSpot sets this cookie to keep track of the visitors to the website. This cookie is passed to HubSpot on form submission and used when deduplicating contacts.

Cookie	Duration	Description
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	A cookie set by YouTube to measure bandwidth that determines whether the user gets the new or old player interface.
YSC	session	YSC cookie is set by Youtube and is used to track the views of embedded videos on Youtube pages.
yt-remote-connected-devices	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt-remote-device-id	never	YouTube sets this cookie to store the video preferences of the user using embedded YouTube video.
yt.innertube::nextId	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.
yt.innertube::requests	never	This cookie, set by YouTube, registers a unique ID to store data on what videos from YouTube the user has seen.