4 Quick Steps to GDPR Preparation

Reading Time: 6 minutes

With all the discourse surrounding it, chances are you’ve heard about Europe’s upcoming  General Data Protection Regulations on May 25th. If you’re just hopping into the conversation now, GDPR aims to develop more data transparency, safety and privacy for the individual online.


Although it’s yet to be clear what the full effects will be once they are enforced, being prepared is key, and it was previously stated that only 18% of European publishers are prepared for GDPR. To help remedy this, below we focus on four of our key steps to GDPR preparation. We hope to highlight some of the effects GDPR will have on the publishing industry and how to adapt leading up to this fast-approaching deadline.




With the new regulations, there is a heavy underline beneath the word transparency. With 227 million personal records being lost in Europe and nearly 30% of American consumers being notified of an identity breach in the past year, GDPR is a much needed update to the previous Data Directive of 1995.


At first, requesting consent for data collection might feel like an additional hurdle for audiences. However, despite unavoidable teething issues, the new GDPR could be a good thing for building trust and loyalty between publishers and readers. It could be argued that it will eventually become second nature, similar to cookie consent forms or location data requests.


The concept of new data protection regulations. Source: Tes


When developing your consent form, make sure it is distinctly separate from other information on your page, so it can’t be confused with paywalls, subscriptions or otherwise. Along with covering main areas such as what second or third party organizations are potentially involved and what data is being collected and why reassure your readers of the right to be forgotten. With this right, each individual can revoke their consent at any point, and highlighting this emphasises the safety your audience have while navigating your content.




When designing your consent form, the same amount of attention and detail should be taken into consideration as any other aspect of your page. What you are asking of your reader is to trust you with their information, and if you ask it in the wrong way they are less likely to consent. If the process of going through your form is easily understandable, navigable and informative, a reader will value the investment you’ve made in their interest.


One of the ways that has been discussed, is having a pop-up which prompts the reader to consent before accessing a story on your site, or entering a page that is hosting ads. Having the form linked through to a page with in-depth information on your privacy and cookie policies will streamline the experience and generate clarity. This way you have fully equipped your audience with the right information to make their decision.




Example of a GDPR consent request

Example of a GDPR consent request. Source: PageFair






Similar to a call to action or paywall, consent forms will take a period of adjustment and experimentation to see what performs the best. Though the information should stay the same, the way in which you communicate it might take varying combinations until you hit your sweet spot. For further help in regards to UX, this article by Future Content has a few suggestions.




Previously, one of the biggest worries voiced about GDPR was the effect it would have on ad revenue. The data shared between publishers and ad vendors is crucial for delivering targeted ads, but due to the restrictions consent forms will bring, less information will be gleaned for Ad Vendors.


This, combined with the fact that 80% of publishers in a recent Digiday survey came up as seeing third-party data as unreliable, is a good argument for switching your view to first-party data if you haven’t already. Shifting your gaze towards your own audience puts the trust and control in your own hands, provides deeper insights, and means you can drive more revenue through subscriptions, memberships and your own inventory.


In our last blog post we discussed developing reader loyalty, and developing trust through each interaction is a fundamental part of this. Using first-party data means you are creating content and experiences which are in-tune with your unique user base. In a climate where reliable sources are valued and digital publishing is generating more revenue than it ever has previously, readers are willing to pay for content they value. Looking forward, this means we could see more revenue driven through premium inventory, creating an equal direct exchange between publisher and audience.




What appears to be one of the most important but arduous tasks will be keeping all your documentation in order, this includes information from past, present and future data that will be gathered. Keep in mind the bigger items to keep documented such as records of consent and parental consent for children under 16, the information collected and processed plus the purpose of it, and of the process gathering the data itself.


Preparing for GDPR via ico.

12 steps to take now. Source: Information Commissioner’s Office


While preparing and setting up templates for your documentation, make sure to be checking it against the GDPR requirements as you go along. With it being estimated that companies will spend up of $7 billion on privacy and compliance this year, investing in preventative measures and having your information up to scratch is what could stop you from paying hefty fines down the line. If not complied with properly, the repercussions could cost you up to 20 Million or 4% of your companies global revenue, as well as deliver a huge hit on your reputation and brand identity.


Involving the documentation process alongside the data gathering could be a way to prevent all your information from being overwhelming. If the two are updated and kept track of at the same time, it could negate any potential holes in your documentation.




Though there will still be some grey areas to figure out, and some initial bumps on the road, GDPR could be an overall positive influence on the digital media world. Having transparency is a good basis on which to build deeper connections with your audience.


If the outcome of GDPR is more investment between readers and publishers, with an emphasis on self-sufficiency and honesty, there could be a lot of good to see down the road. In the meantime, preparing how you ask the question, communicate the reason and stay on top of the documentation is what will get you through the first lap.


Want more like this?

Receive our latest insights straight to your inbox