May 25, 2018, is a date that will live in marketing history. On that day, the EU’s General Data Protection Regulation (GDPR) went into effect, establishing strict new rules surrounding data privacy. The regulation has far-reaching implications for any company that processes the personal data of EU citizens, and that includes many of the most popular marketing technologies. As a result, marketers must take steps to ensure that their tech stacks are GDPR compliant.
The good news is that there are a number of steps you can take to get your marketing tech stack GDPR compliant. First, make sure that all the technologies you use have been updated to reflect the GDPR’s requirements. Many vendors have already released patches or updates that make their products compliant. Second, review your data collection and processing procedures to ensure they meet the GDPR’s standards. Third, create a data retention policy that complies with the GDPR’s requirements. Finally, make sure you have a process in place for handling data requests from individuals. By taking these steps, you can help ensure your marketing tech stack is GDPR compliant.
GDPR compliant analytics tools
Google Analytics is the most popular website analytics tool on the market. However, it is not GDPR compliant. If you are looking for a GDPR friendly Google Analytics alternative, there are a few options available. One option is Matomo. Matomo is an open-source analytics platform that is self-hosted, meaning that you own and control your data. It is also GDPR compliant. Another option is Clicky. Like Matomo, Clicky is self-hosted and GDPR compliant. Both Matomo and Clicky offer similar features to Google Analytics, so you can continue to track your website traffic without sacrificing your privacy.
According to the website dasprive.be, a Belgian non-profit organization that lists all GDPR compliant tools, the following tools are also to be considered GDPR compliant alternatives to Google Analytics:
We’re used to Google Analytics being free, but a lot of the alternatives only have a very basic free option. If you are a data hungry marketer, you’ll most likely want to get a paid version of one of the analytics tools.
At The Growth Agency, we have experience with Plausible, Matomo and Piwik Pro and we will be testing the other Google Analytics alternatives on our different in-house domains, so we can consult our clients in the best way possible. Most of our corporate clients have a year or more to become fully GDPR compliant, but we recommend them to install one or more GDPR compliant analytics tools as soon as possible. Why? This way they can run in parallel with Google Analytics and we have time to figure out which tool fits their needs in the best way.
GDPR compliant collaboration tools
Slack, Google Workspace, Microsoft Teams, Gmail, Outlook, WeTransfer,.. Chances are we just mentioned quite a few of your daily tools, right?
Unfortunately, all of them are not compliant with GDPR. It will be a tough job for corporates and smaller businesses alike to get their employees to adopt new tools, that will likely not be as user friendly as the ones we’ve been accustomed to.
GDPR compliant email providers, outlook and gmail alternatives:
ProtonMail and Tutanota are two email providers that offer GDPR-compliant services. Both protonmail.com and tutanota.com provide end-to-end encryption of user data, meaning that only the sender and receiver can read the data being exchanged. This ensures that your data is protected from prying eyes, whether you’re sending an email to a colleague or sharing files via email attachments.
In addition, both ProtonMail and Tutanota allow you to set expiration dates for messages, so that your data is automatically deleted after a certain period of time. This is a useful feature if you’re working on a project with a limited lifespan or if you simply want to ensure that your data is routinely purged. Both tools offer two-factor authentication for an extra layer of security. With two-factor authentication, even if someone knows your password, they will not be able to access your account unless they also have access to your second factor, which could be a code sent to your phone or generated by an app on your phone.
GDPR compliant messaging / chat tool, Slack and Teams alternatives:
Slack and Teams are tools that we almost can’t imagine business life without nowadays. Remote working made them even more popular and widely adopted.. Both are not GDPR friendly.. If you want to look for an alternative messaging tools, matrix.org is a popular open-source messaging and chat tool that is designed to be compliant with the General Data Protection Regulation (GDPR).
matrix.org is used by a variety of businesses and organizations, including the European Commission, the UK National Health Service, and the German Federal Ministry of the Interior. matrix.org offers a variety of features that make it an attractive alternative to Slack and Microsoft Teams, including end-to-end encryption, support for a wide range of platforms, and a commitment to open standards. matrix.org is also free to use, making it an appealing option for businesses and organizations that are looking for a GDPR-compliant chat tool.
How marketers can brace themselves for GDPR
When looking at different tools, it’s important to establish two key factors.
- Where is the company headquartered? The company should have their HQ in Europe and not in the US.
- Where is the data stored/ where is the tool hosted? The tool’s hosting should be in Europe and not in the US.
Please note: this is not legal advice. We urge marketers and companies to consult with a lawyer to define the best path to GDPR compliance for their company.
At The Growth Agency, we will be testing more GDPR friendly marketing tools over the coming weeks. If you want to stay updated on this topic, please subscribe to our newsletter!