unsplash image social media

What The GDPR Means for Social Media Marketing

The General Data Protection Regulation (GDPR) went into effect on May 25, 2018. Everyone knows about it, and everyone understands bits and pieces of it, but not everyone understands how it’s going to affect their business here in the United States – especially when it comes to social media marketing.

Here, we’re going to break down how the GDPR affects your social media marketing efforts: what’s changing, what’s staying the same, and what you should be worried about. Let’s dive in.

What is the GDPR?

The GDPR is all about, as the name suggests, data protection and privacy on the internet. The bill was signed by all twenty-eight members of the European Union (EU) in an effort to give European citizens the right to privacy online. Simply put, this means companies have to make more of an effort to be transparent about the data they collect from their customers and only use that data if they’re given consent.

Companies have to outline how they’re using customer data, how they’re protecting customer data, what kind of customer data they’re collecting, and ask customers for their consent. This is why you’re constantly seeing updated privacy policies from every website you visit.

If you’re in the United States and you’re wondering why any of this matters to you, it’s because anyone who does business in Europe has to abide by these privacy laws, otherwise they will receive a huge fine (Up to €10 million or 2% of the worldwide annual revenue of the prior financial year, whichever is higher, for lower-level offenses; up to €20 million or 4% of the worldwide annual revenue of the prior financial year, whichever is higher, for higher-level offenses). In other words, you don’t want to mess this up if you’re a US-based company with customers who live overseas.

What This Means for Social Media Marketing

Social media marketing wouldn’t exist if marketers were unable to access Facebook, Twitter, and Instagram users’ data. The issue, however, as we all saw with Facebook, is that social media platforms weren’t doing enough to make it clear to the public how data was being gathered and used. This means that marketers, whose job it is to gather data on customers, have to fully disclose what they’re doing with the data they gather, as well as receive consent to actually use that data. This presents social media marketers with a problem…

Before, they could simply build lists of emails from social media or use a social CRM in order to advertise products and services. Facebook got in trouble for giving that data away to third-parties affiliated with political parties. People don’t always go on social media to buy products. Many simply want to check up on their friends and the latest news. Now, marketers, in a website’s privacy policies, have to tell users that their data can be used for marketing purposes if, and only if, they give their consent.

The good news is that if you know your business only has US-based clients, then none of this actually matters to you; however, in the globalized, hyper-aware society we live in, people have high expectations when it comes to their privacy. People understand the significance of privacy. When businesses are transparent with how they’re using customer data, they’re doing themselves a massive favor. If people suspect their data is being gathered, managed, and used improperly, they will, as we saw, act negatively.

What is Social Media Doing Differently Now?

Every major social media platform with users from Europe have to be GDPR-compliant. You may have noticed a lot of emails in your inbox related to the GDPR. That covers their tracks in terms of email marketing, but what about social media?

Not all social media platforms work exactly the same as each other so let’s take a closer look at what Facebook, Twitter, Instagram, and LinkedIn are doing differently.


Facebook now requires businesses to accept their terms before making lead ads. Facebook wants businesses to understand completely what they’re allowed to do with data. Facebook also helps businesses create ads by letting them create their own custom disclaimers and optional consent checkboxes.


Twitter, according to their FAQ page, complies with the GDPR by using an Irish commercial entity called Twitter International Company as the controller of data outside the United States. It has data processing and processing agreements with the United States, so if you’re a U.S. citizen, your data is also processed by Twitter International Company. When asked if they’re a processor or controller of data, Twitter says they’re a controller. Twitter, like Facebook, is making sure consent is received before any advertisers handle any potentially sensitive data.


Instagram being owned by Facebook follows the same protocols as Facebook. If your business is interested in how GDPR affects ad campaigns on Instagram and you’re already on Facebook, be sure to follow the same rules to avoid significant fines.


LinkedIn is similar to Facebook in that they’re requiring users to update their lead generation forms. Most companies now have to simply make sure a link is included in their privacy policy and a custom text that clearly explains how they’ll be using any collected data.

The Final Word

Just because the GDPR is a European regulation that was passed in order to preserve the privacy of EU citizens doesn’t mean US-based companies are off the hook. If your business or any business you know of has clients and customers overseas, being GDPR-compliant is absolutely essential, unless you want to pay the fines every time you use data improperly.

Social media marketers have to especially take good care of the data they’re working with: making sure they were given consent and outlining how and for what the data they’ve gathered is being used. Marketers have to use this data in order to better understand their customers. Social media is a great tool when used appropriately because people are more open on Facebook, Twitter, Instagram, and LinkedIn.

It only makes sense for businesses to use that data fairly. People post a lot of stuff on the internet for others to see. Others include friends and family; it does not always include businesses — especially ones that have not received permission to use that data. Privacy is a significant issue businesses have to face head-on in an effort to appear more transparent to their customers. Not doing so risks decreasing already low levels of trust people have towards businesses in general.

It’s important now to make sure social media marketers are aware of how they can use data to ensure customers and businesses are transparent with one another while following these new protocols that can lead to significant fines if data is being handled improperly. Regardless of what platforms your business uses, it all boils down to making sure customers are more aware of your privacy policy and it’s clear enough to understand, ultimately making it easier to receive the consent you need to use that data.


Image Credits

Feature Image: Unsplash / NordWood Themes


Reuben Yonatan

Reuben Yonatan

Reuben Yonatan is the founder and CEO of GetVoIP -- trusted VoIP comparison resource that helps companies understand and choose a business communication solution for their specific needs. Reuben assists SMBs align business strategy with culture and improve overall corporate infrastructure. Follow him on Twitter @ReubenYonatan

The First Machine Learning Marketing Platform
Built to Scale Search for Local Resellers & Agencies

Automate, optimize and track more campaigns, more profitably.