How far do you go with GDPR?

Quite a catchy question, at least that is what I hope what you think? But it is a serious one too, as recent events have revealed. GDPR is not new, but it is a bit confusing for many, and I have seen different interpretations of the rules, and I, not being an expert in this field, am hard-pressed to decide which is correct. Or should I say which one should be chosen, which is different. Let me explain. My expertise is in #SEO, and one of the tools I use a lot is Google Analytics. Coupled with its sibling Google Search Console, Analytics provides me with all sorts of valuable data, the main one being the changes in traffic levels and what channels seem to work the best. This can be especially useful when it comes to optimising for Conversions, this relating not just to SEO, but also for other marketing methods like Email marketing and Newsletters. So, as you can imagine, if this information is suddenly taken away, I can feel a bit lost. One of my main ways of deciding what works being removed. And this is just what can happen when the GDPR rules on Cookies are interpreted and implemented to the letter (and not perhaps the spirit) of the law. We have all seen those ‘annoying’ Cookie notices, and many I suspect just say ‘Yes to All’ and move on. But what if they don’t say Yes, or just ignore the notice. In such instances, the letter of the law (as I understand it) means that no tracking of any sort is allowed, and that includes Analytics. Suddenly the ‘radar’ screens go blank. There is no data, you cannot tell what is going on anymore. It is quite a shock, to say the least. Now, some website owners / designers take another route, saying things like ‘If you continue to use this site you are agreeing to being tracked’ or make the user OPT OUT of being tracked rather than having to OPT IN. As I understand it, that is not fully complying with the law, and thus the website owner (and perhaps the website designer) could be held to account at some time in the future. A worrying thought isn’t it? There is a little bit of good news in that you can still get a deal of information about Organic traffic levels from Google Search Console, but the data here is only of real use when used alongside the Analytics data in my view, so losing the latter is a real issue for me. There is another source of data that you could turn too, that of the SERVER logs. Using interrogation software (this not involving bright lamps and harsh treatment) allows you to get a very complete picture of what is going on. However, I am not at all sure if the act of ‘looking at this data’ would itself be against GDPR rules as it is a 100% certainty that some of the people included in the data would have been those that had opted out of being tracked (you cannot opt out of being included in the Server Logs you see). I thus find myself in a bit of a quandary. Do I advise all my clients to follow the rules to the letter and therefore lose a lot of data, data which I use to help them market their business? Or do I say, let’s analyse your server logs, that could in theory at least, put them and myself in the firing line? I hope to get some news and guidance on this matter in the future and will post again then.

For more information on How far do you go with GDPR? talk to Serendipity Online Marketing Ltd