Get All Access for $5/mo

How Can European Businesses Effectively Target Customers Amid Stronger Data Protection Laws? Conversions in the age of privacy.

By Dmytro Spilka Edited by Jason Fell

Opinions expressed by Entrepreneur contributors are their own.

You're reading Entrepreneur Europe, an international franchise of Entrepreneur Media.

Chainarong Prasertthai | Getty Images

Last year, 2018, saw "the most important change in data privacy regulation in 20 years arrive in the form of the European Union's General Data Protection Regulation.

Overnight, businesses based within the European Union and those marketing to EU audiences were tasked with adapting their approach to customer acquisition risk facing fines of either upwards of €20 million or 4 percent of their annual worldwide turnover - whichever sum is greater.

While GDPR has certainly caused more than its fair share of headaches for website owners around the world, it's worth adding an early caveat to this piece by acknowledging that the hardened approach to data protection has undoubtedly been undertaken to ensure the safety of citizens across Europe - and could indeed benefit businesses by building a newfound sense of trust between customers and companies online.

However, stronger data protection laws will undoubtedly threaten the existence of many businesses online, with less adaptable organisations at significant risk of either losing out on potential customers or incurring massive fines.

Winning over customers in the era of enhanced data protection can mean life or death for many endeavours - particularly those based in Europe. So let's take a deeper look at the implications of GDPR and how businesses can overcome them in order to continue generating leads.

GDPR at a glance

The General Data Protection Regulation is designed to solely protect the personal data of the citizens of EU nations. This means that you don't necessarily have to comply with this regulation if you exclusively process the data of companies, or only come into contact with the data of non-EU citizens.

However, as the world is becoming a smaller place, and international custom is an increasingly commonplace activity for customers and businesses alike, the chances are that your website will interact with EU residents from time to time. This means that, regardless of whether your headquarters are in Paris or Pittsburg, Berlin or Buenos Aires, or Tallinn or Tokyo, your website will need to be fully complicit with GDPR to welcome visitors from the European Union.

GDPR came into effect on the 25th of May 2018, and as of this date, all businesses had to immediately adapt their approaches to comply or risk debilitating fines.

If you have an online business, it's imperative that you take GDPR into consideration wherever you have a presence online - this means your web pages, online store, social media accounts, anything customer-facing has to be compliant.

The regulations mean that online businesses are obliged to inform online users that they will be processing their personal data. The term "personal data' is a broad one in this case - and includes cookies which are relied upon by analytical tools like Google Analytics and Hotjar for producing metrics surrounding website performance and on-site customer behaviour. Under these provisions, even the location of a visitor is determined as "personal data' due to it carrying the potential to make a user "identifiable.'

Logically, GDPR carries adverse effects for website conversions. The regulation's insistence on gaining a visitor's consent in receiving cookies can prompt bouncebacks. The very act of accessing a website and seeing a bar at the bottom of a homepage along with the text: "We use cookies to collect your personal data" can be extremely off-putting to some users. After all, "personal data' sounds like something that shouldn't be shared.

Upon being asked for consent, higher volumes of visitors will feel the urge to navigate away from a website - despite the fact that nothing would have changed for their browsing experience from the days before GDPR.

These bouncebacks are all counted and taken into consideration by Google's algorithms, and anybody with an ounce of experience with SEO knows the importance of Google recognising your website as a valuable one. If their algorithms see that more people are navigating away from your website, Google will consider your pages to either be spammy or irrelevant and lower its ranking within their results pages.

In fact, many website owners reported a decline in their traffic rates following the European Union's implementation of GDPR.

Marketing limitations


(The majority of marketers feared for their collection of customer data along with opt-in rates when it came to the arrival of GDPR. Image: HubSpot)

Naturally, a decline in traffic means a decline in conversions. An inevitable reduction in the volume of visitors an eCommerce store receives would be a significant issue to overcome on its own for businesses, however, this is compounded by heavy limitations over their ability to understand their visitor's behaviour, too.

It may not have been the EU's first target, but the online video games industry is one of the most prominent early examples of the limitations that stronger data protection laws pose for businesses - with many internet-based gaming platforms having to close down due to a lack of resources available to write out coding that collects players' data.

Speaking on the matter, privacy lawyer, Shaq Katikala explained: "Companies have to document their data flows, register with privacy shield, get an EU representative, set up a bunch of updated data processing agreements, get trained on how to respond to consumer requests that include GDPR jargon, etc. The vast majority of the GDPR work I do for clients isn't fixing terrible scandals, it's all this administrative stuff that GDPR requires."

For businesses that are dependent on more outbound forms of marketing towards European customers, GDPR can be something of a legal minefield with costly ramifications.

Luckily, with over a year passing since the arrival of the game-changing EU regulations on data protection, some of the opacity surrounding the do's and don'ts of customer targeting is becoming clearer. Taking on board some of the best advice available online, here's a short list of ways in which businesses can continue to flourish in the era of GDPR:

Always ask first

The key takeaway from GDPR is that consent is always required. If you haven't taken the time to build a well structured opt-in policy on your website, be sure to get to work on it as soon as possible.

By now, your pre-existing database of users will already have given their permission to keep receiving emails from your business. Inevitably there will have been a significant drop off from your mailing lists, so it's time to rebuild your network of prospective customers.

Services like MailChimp have become highly useful resources for building eye-catching but non-intrusive consent forms for visitors. Sadly, all consent forms will hinder your bounceback rates, but a strong design can at least help in terms of damage limitation.

Emphasis on inbound

The arrival of stronger data protection regulations has accelerated a trend that's been growing for some time within modern marketing. The old outbound practices for websites are undergoing a profound shift to more content-based, social and inbound channels.

In the world of inbound marketing, the emphasis is firmly on encouraging users to access your site and willingly offering their data as part of a content gating strategy.

This form of marketing enables email nurturing to take the role of a more welcome retargeting strategy - which can help to encourage higher conversion rates among recipients.

Of course, inbound marketing strategies are dependent on businesses gaining a more effective rate of web conversions, which is why the next point will shed some light on how to optimise them in this climate:

Optimise your conversions…

Web conversions simply refer to the moment where a previously unknown visitor becomes known to your business through the use of an on-site form or similar exchange of information.

The act of putting a single form on your homepage isn't enough in modern marketing, however. Optimised web conversions are capable of making a user known to market automation and web analytics tools. These services are then able to build a portfolio of information about a specific user while also using the data they collect to make educated guesses surrounding other visitors.

An optimised conversion has the potential to provide invaluable information on metrics like a visitor's location, their company data, where they arrived onto the site from and what caused them to take the step of converting.

There are plenty of tools that are available to track a user's actions in this way, some of which include platforms like Finteza, KissMetrics, HotJar and Optimizely.

Naturally, a strong web conversion strategy needs to additionally incorporate a well-tuned opt-in process. Opt-ins should ideally be utilised across all website forms.

...but ensure your CRM or analytics tools are compliant

Client Relationship Management and analytics tools can be vital in gaining a deeper understanding of both your customers and your own website. However, it can be vital to check whether the insights your getting are fully GDPR compliant.

Lots of technologies associated with marketing hold on to some form of user contact information. Take a moment to have a more detailed look at the services you're enlisting and make sure that they're fit for purpose when it comes to dealing with conversions from within the European Union.

Lose your old data

Once you've obtained the personal data of prospective customers, it could be tempting to keep hold of their information - after all this is integral to outbound marketing strategies.

However, while gaining the email addresses of 250,000 visitors is impressive, many of them won't be willing to part with their money on your website. Be sure to clear your lists of unsubscribed and bounced addresses. Decide on a timeframe for removing unresponsive users too - if they've not shown an interest in your company in, say, twelve months, they likely never will.

By keeping the data you've obtained leaner, your conversion rates will not only be much more impressive, but you'll have significantly limited your business' chances of falling into issues over privacy.
Dmytro Spilka

Entrepreneur Leadership Network® VIP

CEO and Founder of Solvid

Dmytro is a CEO of Solvid, a creative content creation agency based in London. He's also the founder of Pridicto, a web analytics startup. His work has been featured in various publications, including The Next Web,, Huff Post, TechRadar, B2C and

Stay Focused with These JBL Headphones for $25

These on-ear headphones support Siri and Hey Google along with hands-free calls.

Business Ideas

63 Small Business Ideas to Start in 2024

We put together a list of the best, most profitable small business ideas for entrepreneurs to pursue in 2024.

Data & Recovery

Data Privacy Matters to Your Customers — Show Them It's a Priority For You, Too. Here's How.

Your business can help reassure customers and earn their loyalty by treating all incoming data as valuable.


Save $20 on This Fast-Charging, Portable Power Bank

Quick charge your devices with a single power bank that goes with you everywhere.

Data & Recovery

Use This Code to Get 1TB of Cloud Storage for $120

Koofr Cloud Storage makes backing up and sharing work files a safer and easier process.

Growing a Business

11 Networking Tips When You're Crunched for Time

Some clever planning and use of technology can keep you connected.