How GDPR Affect Your Marketing Efforts | Ep. #682

In episode #682, Eric and Neil discuss GDPR. Tune in to hear how you can become GDPR compliant.


  • [00:27] Today’s Topic: How GDPR Affect Your Marketing Efforts
  • [00:52] This is something the EU came out with two years ago. As of May 25th 2018, this is something that anyone who does business with the EU will have to put into effect.
  • [01:50] You have to be really transparent with your data collection.
  • [02:05] It’s all about transparency.
  • [02:38] You also need a system in place that allows people to wipe their information from your database.
  • [02:50] If you aren’t working with or in the EU, you don’t have to worry about GDPR.
  • [03:33] Neil’s site has an opt-in tick box for anyone in the EU.
  • [03:58] The penalty for violating GDPR is €20 Million or 4% of the year’s revenue.
  • [04:38] You can’t auto-tick boxes anymore.
  • [04:55] Eric found his conversions rates got better, even though he couldn’t auto-opt-in for people.
  • [06:00] Neil tested his conversions and has not seen any changes by implementing GDPR.
  • [06:33] They decided to implement these rules universally.
  • [07:12] Look at your privacy policy and terms of service to see if they align with GDPR rules.
  • [07:18] Disclaimer template has lawyers that can look over your business and figure out if your are GDPR compliant.
  • [07:54] If you want a good example of a business that is trying to be GDPR compliant, check out
  • [08:24] If you’re within the US, check out Privacy Shield.
  • [08:40] That’s all for today!
  • [08:42] Go to for a special marketing tool giveaway!

Leave some feedback:

  • What should we talk about next? Please let us know in the comments below.
  • Did you enjoy this episode? If so, please leave a short review.

Connect with us:

The post How GDPR Affect Your Marketing Efforts | Ep. #682 appeared first on Marketing School Podcast.

Full Transcript of The Episode

Announcer: Get ready for your daily dose of marketing strategies and tactics from entrepreneurs with the guile and experience to help you find success in any marketing capacity. You're listening to Marketing School, with your instructors Neil Patel and Eric Siu.

Eric Siu: Welcome to another episode of Marketing School. I'm Eric Siu.

Neil Patel: I'm Neil Patel.

Eric Siu: Today, we're going to talk about how GDPR affects your marketing efforts. GDPR, what does that mean, first and foremost? This is the Global Data Protection Regulation. Is that right?

Neil Patel: It's something like that.

Eric Siu: Something like that. Let's try to define this a little bit, first and foremost. This is something we probably should have talked about a little earlier, but everyone did it last minute, so, hey, we got it done, but this is something that the European Union, this is the EU-

Neil Patel: Is it the European Union?

Eric Siu: Yes, EU. They came out with this two years ago, and there's a deadline as of May 25th of 2018. Everyone needs to ... Basically, anybody that does business in or has data from people in the EU needs to get this in place. Neil?

Neil Patel: The cool part about this episode is Eric and I decided to talk about GDPR after it went live. By this point, it's already live. We're past the May 25th deadline, and the reason we wanted to do this episode after it went live is we can then share with you what's working, what's not.
Some basics with GDPR ... Keep in mind, I'm not a lawyer, so you should crosscheck everything with a lawyer. Nor is Eric. We're not the end all, be all or the last say in GDPR in the rules and what you should be doing, what you shouldn't. The first thing that we've noticed is, and this is obvious because it's out there, is with GDPR, you have to be really transparent about all the data collection you're doing. For example, if you're collecting credit cards, personal information, you need to let people know before they enter in and hit the submit button. If you're using third party tracking services, you need to let people know what they are and, ideally, even give them a option to opt out. You need to let people know, "Hey, you're putting in name and email address for eBook. Well, we're also going to send you emails every week in regards to our newsletter. We're also going to send you ... We're going to send you promotional advertisements every so once in a while, and you have to agree to the terms of service."
In other words, you need tick box for all these little things. You also need a system in place where when people delete or they want their personal information deleted from your system, you should be able to allow them to delete it and not be in your system anymore.
Those are some basics of GDPR. Yes, it only applies to people within the European Union. If you're not doing business within the EU, you don't have to worry about it as much. You still have to be careful, assuming someone in the EU can buy your product or service. In general, with GDPR, everyone's worried because they're just like, "Oh, if we add in all these tick boxes and things like that, it's gonna affect our marketing in a negative way. We're gonna get less sales, opt ins, etc."
Eric, what have you been seeing so far? Have you added the tick boxes to your site?

Eric Siu: Yeah. We've added the tick boxes across the board, and I think you can see everywhere, even looking at your site, too, in the very bottom or the top, there's something about opting in for taking a look at the privacy policy and opting in for cookies, yes?

Neil Patel: Yeah. We do opting in for privacy policy and cookies for anyone in Europe. We don't do that for the US, but we do do it for anyone in Europe.

Eric Siu: That's a good point. One of our considerations was our developer was like, "Why don't we just shut everyone off from Europe," because we don't really do business with people in Europe, and a very small percentage of our list. I don't know. Less than 5% our from Europe. That might be a consideration just to make things easier for you because the penalty for GDPR is it's either 20 million pounds or 4% of the last year's revenues.

Neil Patel: Correct. I think it could be 20 million Euros.

Eric Siu: 20 million Euros, yeah.
Then, the other thing, too, is you no longer can, to Neil's point a little earlier is you can't auto opt people into a bunch of stuff. Before, you opt them into one list, maybe you can push them to four different lists. Can't do that anymore, but one really interesting thing I saw, there's this group that Neil and I are both in, someone posted a picture to Facebook. The thing is now when people are trying to, when you're signing people up, let's say, for a free trial or to your email list, they actually have to tick the boxes. Well, originally, the boxes would come auto ticked. You can't do that anymore.
What happens is people are like, "Well, you know, conversion rates gonna go down," but what happens is, now, what you can do is say, "Okay, do you want updates from our team? You either have to tick yes or no." If you do that, that screenshot that I saw, the conversion rate actually went up higher than pre-GDPR. Pre-GDPR, it was 78% conversion rate on that form. After GDPR, when they have to pick a selection, yes or no, it jumped up to 88.85%. That's just one picture. Your mileage may vary, but that's one thing you can do.

Neil Patel: I have the data from my blog, as well as three other blogs. Me and the marketing teams of these blogs were sharing our data, not personal data, but what happens when you include these tick boxes, and there's two main tick boxes that we're including for any type of email forms. The first is, "We want to let you know you're opting in to receive weekly emails from us regarding marketing and promotions." The second is, and the wording changes depending on the type of blog it is, but I'm just giving you a general overview of the tick box text, the second one being is, "You have read and agreed to our terms of service and privacy policy."
Again, you want to run these wordings or verbiage by attorney so they can tell you what you should be doing or shouldn't be doing.
What we found is on all the blogs we tested, we didn't really see a decrease, nor did we see an increase in opt-ins. We also did make it required where you have to select both of them to get anything. If you don't select them, then you won't be on the list. One of them even made it where the privacy policy pops up right then and there. He did see a decrease versus putting a link, but, in general, we haven't seen any changes by implementing GDPR, and we took a drastic approach in which we didn't just implement this for European citizens. We implemented this for anyone throughout the world because my thesis is, eventually, people in the US are going to be like, "Hey, you need to get these permissions." The last thing I want to do is when the US or other countries rolls out these laws is having to email my whole list again and scrub them and remove everyone that hasn't agreed to these specific terms in the first place.

Eric Siu: Privacy is important. You're seeing all this stuff popping up, especially in the last year or so. There's the Cambridge Analytica stuff, all this. It just makes sense. The EU, I think, is the very first domino to fall. It's going to happen everywhere else, too, so I think Neil is probably right.
You have to, if you're looking to still catch up on this stuff right now, you got to look at your privacy policy, you got to look at your terms of service. Again, Neil and I aren't lawyers, but I do know there's one website we went through. It's called, and they do have stuff around GDPR, and they do have lawyers that specialize around, have looked into the GDPR.
I don't really have much more to add, Neil. Do you?

Neil Patel: Yeah. Two things. One, I also connected with quite a few European-based businesses that either specialize in services, like consulting or web design or eCommerce. Neither of those groups have noticed a difference with either, A, lead count or sales. They haven't gone up or down, and it's because people are used to, within Europe, knowing that, "Hey, you have to agree to all these GDPR rules," so they're okay with it.
The second thing, too, is if you want a good example of someone who's trying to be GDPR-compliant, check out, S-L-I-D-E-S/security/cookies, and from that page, you can go to their cookies page, third party infrastructure, GDPR FAQs, security privacy, terms of service, privacy policy. You get the point. They've done a really good job. Again, I'm not a lawyer, so compared to from all the people I've talked to, they said, "This is probably one of the best examples."
Then, the other thing, if you're within the US, I've been told to check out Privacy Shield. I believe my attorneys are going through that right now to apply and comply and, hopefully, that makes it so that way, as a US company, we are more GDPR-compliant by doing that.

Eric Siu: All right. That is it for today. If you want to get access to our marketing tools to grow your business, just go to to get a special offer, and we will see you tomorrow.

Announcer: This session of Marketing School has come to a close. Be sure to subscribe for more daily marketing strategies and tactics to help you find the success you've always dreamed of. Don't forget to rate and review so we can continue to bring you the best daily content possible. We'll see you in class tomorrow, right here on Marketing School.

We help great companies grow their revenues

Get Your Free Marketing Consultation