GDPR for facebook ads

 GDPR Opt In

GDPR (General Data Protection Regulation) comes into force May 25th 2018, and here we look at how it relates to Facebook, Facebook Messenger and Instagram ads, and the potential impact on marketers. 

This is purely our viewpoint, and you should always seek advice from your legal counsel on the correct approach for your business.

GDPR - The Background

In the majority of cases, you will be deemed a data controller. This means, under GDPR Regulations, you will have to demonstrate:

  • how the data is collected
  • what exactly you are using the data for
  • that people have explicitly agreed to you holding and using their data
  • you can show how long it will be held on record for
  • you give people the ability to easily opt-out
  • that people have the right to access the data that you hold on them

While Facebook provides you with the tools to reach your audiences on the platform, generally it is you, the advertiser that has responsibility as the data controller.

Conversely, a data processor handles personal data on behalf of a data controller, in the majority of cases, this will be Facebook.

You are the data controller for your Facebook custom audiences, therefore you have responsibility for it's collection and use. Facebook in turn, are the data processor, in that they provide the tools to enable you to process these audiences on their platform.

 Facebook Ads and GDPR

Facebook Audiences and GDPR

With a wealth of targeting available, each different Facebook audience type is classified differently under GDPR.

There are audiences that are reliant on your using first party data, pulled from your CRM. Then there is audience data that Facebook make available to advertisers 'out of the box'.

Below are various Facebook, Facebook Messenger and Instagram targeting methods, and how we believe they currently relate to GDPR:


Facebook Custom Audiences

  • Data Controller: YOU

  • Data Processor: Facebook
  • Responsibility for Data: YOU
  • Solution: Automatically sync custom audiences from CRM, using Driftrock Flow. Opt-outs from your CRM are automatically removed from Facebook custom audiences.

Facebook Lookalike Audiences

  • Data Controller: YOU

  • Data Processor: Facebook
  • Responsibility for Data: YOU
  • Solution: Automatically sync custom audiences from CRM, using Driftrock Flow. Opt-outs from your CRM are automatically removed from Facebook custom audiences.

Facebook Detailed Targeting

  • Data Controller: Facebook

  • Data Processor: Facebook
  • Responsibility for Data: Facebook
  • Solution: No action required

Instagram

  • Data Controller: YOU (unless you are using detailed targeting)
  • Data Processor: Facebook
  • Responsibility for Data: YOU
  • Solution: Use Driftrock Flow to keep your opt-outs opted out on your Instagram campaigns.

Facebook Analytics

  • Data Controller: YOU

  • Data Processor: Facebook
  • Responsibility for Data: YOU
  • Solution: Automatically sync custom audiences from CRM, to ensure you aren't analysing data on anyone that has opted out.

Facebook Lead Ads

  • Data Controller: YOU

  • Data Processor: YOU
  • Responsibility for Data: YOU
  • Solution: You are responsible for the lead data you collect, and ensuring it is added to your CRM, in order to manage opt-outs.
    • Use Driftrock Lead Response to automatically sync leads into your CRM in real-time.
    • Use Driftrock Flow to sync with Facebook custom audiences, to maintain opt-outs

GDPR - Next Steps

Facebook advertisers have a responsibility to ensure GDPR compliance, even when using Facebook for advertising, particularly using first party CRM data. So what can Facebook advertisers do to protect their user data, and themselves?

Driftrock Flow

 Custom Audience Syncing

Sync your CRM audiences with Facebook custom audiences, up to every three hours. Our CRM integrations mean that you remain GDPR compliant. Anytime someone opts out of marketing, you can sync that from your CRM to Facebook custom audiences, to ensure they are opted out of your Facebook advertising.

Find out more >>

 

Driftrock Lead Response

 Lead Sync

Sync your Facebook lead ad leads in real-time. Not only will this save you the pain of manually downloading your leads, you can also be sure that your Facebook lead ads leads are reaching your CRM and sales team as soon as the user submits them. Furthermore, the lead data gets added to your CRM immediately, meaning that opt-outs can be synced back again to your Facebook custom audiences via Driftrock Flow.

Find out more >>

Want to learn more about staying GDPR compliant? Overwhelmed by all the acronyms and want to know how to be GDPR compliant with your FB ads? Find out more about GDPR for marketers, or reach out below!