New ways of marketing online can make our sites much smarter – but, if we’re not clever about how we are using them, they can also make our sites illegal.

Remarketing and cookies

So many of us have seen fantastic gains from remarketing – and, if you are yet to dip your toe in the water, it can be a highly effective way to convert the ‘ones who otherwise get away’.

Remarketing is simple to set up, highly targeted and offers a great return on investment.

Platforms, such as AdWords, allow us to place a cookie on a visitor’s computer or mobile device and use this to serve appropriate adverts to them as they journey around the internet.

Cookies and the law

It’s hardly news that there are strict laws governing our use of cookies. The Information Commissioners Office (ICO) set out the new cookie laws back in 2012. Yet it is only recently that many websites have adopted remarketing as a tactic, and many sites have done so without revisiting their existing privacy policies.

Under the law analytical or marketing activity that uses cookies is deemed not essential to the actual functioning of a website. As such it requires some form of consent from the visitor.

In practice, this consent can usually be handled by an easily accessible privacy policy – but only if it is fit for purpose.

Cookies and Google

Without an updated privacy policy you are not only falling foul of the law but also at risk of being sanctioned by Google, the main, but far from the only, remarketing platform.

Users of AdWords are required to have an updated privacy policy: Google even specifies exactly what such a policy should include. You can find this here.

Rewriting your privacy policy

It’s probably high-time you undertook an audit of exactly how your website and marketing activity are using cookies.

Once you have done this you should update your privacy policy to ensure it actually reflects what happens when someone visits your site.

There are, of course, sample wordings of such policies available online.

You are best advised, however, to have a bespoke policy created by a legal expert. You would not, after all, download a generic free contract for an important business deal.

Here are the kinds of things your policy will need to cover:

  • What personal data is being collected?
  • How will this be used – by both yourself and third parties?
  • How can visitors access, modify and delete their personal information?
  • How can they opt-out of future communications?
  • When did your policy become effective – and how can visitors be notified of future changes?

Lead Forensics and privacy

For B2B websites another increasingly popular way to track and market to visitors are lead generation software tools, like Lead Forensics.

These tools provide you with the details of the company that a visitor to your site is from.

Typically these work by providing information that is based on an IP address, rather than by placing a cookie. They also only tell you what company accessed your site – and not who visited. There is, therefore, no strict legal necessity to declare them in your privacy policy, but there is a strong business and ethical case for doing so.

Being upfront and honest about how you are using information gleaned from visitors is a way to build trust. All businesses rely on trust and confidence to grow.

Declaring your use of such tools makes sound business sense.

Tell me more!