One of the pillars on which any modern business rests is, without a doubt, digital marketing. If you are promoting a project using digital marketing tools, sooner or later, you will encounter marketing compliance. This is especially true for companies entering the EU and US markets.
Failure to comply with laws, regulations and rules not only leads to fines, claims, litigation and loss of positive image in the market. In many cases, without complying with the rules, you simply will not be able to even start promoting your project.
In this article, we will address the following questions:
- What is compliance in general and marketing compliance in particular?
- How does compliance with rules and regulations affect project promotion?
- What should be considered before launching an advertising campaign?
- What do Avitar lawyers recommend?
What is compliance in business and marketing?
Compliance is conformity with any internal or external requirements or standards. Compliance with laws, rules, and standards in the field of compliance usually concerns issues such as adherence to appropriate standards of conduct in the market, management of conflicts of interest, fair treatment of customers, and ensuring a conscientious approach when advising customers.
Compliant business is a business in which all processes comply with established rules and laws that belong to:
– the country where business is conducted or where users (buyers, consumers) are located;
– the industry (the rules in the field of cryptocurrencies differ from the rules in, for example, retail);
– channels or to the field of business (in our case, the channel is the Internet, which has its own rules and laws).
The marketing activities of any company cover many aspects. Since in every aspect of marketing we deal (directly or indirectly) with users, compliance in digital marketing takes on particular importance.
Compliance guarantees user safety during the collection, storage and processing of their personal data, when using cookies, purchasing or exchanging goods, during payment, delivery, filing claims, refunds and other actions that the user performs in response to the company’s marketing activities.
Accordingly, any marketing activity of a company must comply with legal requirements, especially when it comes to digital marketing, where personal data protection and cybersecurity are of paramount importance.
What happens if compliance is ignored?
Today, it is not so much domestic regulations as international ones that encourage us to comply with rules and regulations in marketing activities. However, there is a clear trend towards bringing Ukrainian laws into line with international requirements. One of the reasons for this is to attract international investment, as investors pay particular attention to security issues.
Therefore, non-compliance with compliance standards in the digital sphere can lead to the following:
– inability to launch an advertising campaign or blocking of advertisements due to non-compliance with advertising requirements;
– complaints from users;
– loss of potential and actual customers;
– refusal of investments;
– reputational risks, decreased trust in the product or company;
– decreased sales and increased number of chargebacks;
– fines and sanctions from regulatory authorities.
On the other hand, compliance with legal requirements gives your business many advantages: trust from investors and customers, a competitive edge, a stronger reputation, and long-term relationships with partners and customers.
Marketing Compliance Requirements. How it works in different countries
Before launching the promotion of a product or service in the digital sphere, it is necessary to consider the following requirements:
Requirements for personal data protection
By clicking the “buy” button on an advertisement, we are somehow revealing certain information about ourselves, i.e., providing the system with data that can be used (in combination) to identify us. In today’s digital reality, such information can be used against us. That is why countries around the world are trying to ensure the protection of their citizens’ personal data.
To protect personal data, the European Union has adopted the General Data Protection Regulation (GDPR). This document applies not only to EU member states, but also to any legal entity that processes the personal data of EU citizens.
The main principles of the GDPR:
1. Principle of lawfulness, fairness, and transparency. Personal data must be obtained by lawful and fair means with the consent of the data subject.
2. Purpose limitation. The purpose of data collection must be specified at the time of collection, and the data must not be used for other purposes.
3. Data minimisation. No more data should be collected than is necessary to achieve a specific purpose.
4. Accuracy. Personal information must be accurate, complete, and up to date. Errors and inaccuracies in personal data must be corrected.
5. Storage restrictions. Data may not be stored for longer than is necessary to fulfil the purposes of information processing.
6. Integrity and confidentiality. Personal data must be protected by security measures against loss, unauthorised access, destruction, etc.
7. Accountability. Companies that work with data are responsible for complying with GDPR requirements. Violations of these requirements are subject to huge fines.
European countries adopt domestic laws on personal data protection. Such laws exist, for example, in Germany, Iceland, Denmark, Spain, and France. They are based on these principles and, in essence, clarify and specify the provisions of the GDPR.
In the United States, federal law only defines the responsibilities of government agencies in the field of personal data protection. Regulations concerning legal entities that process personal data are adopted at the state level. For example, in 2020, California passed a law regulating the rules for collecting and processing data.
In China, a law has been in force since 2017 that requires internet providers to obtain users’ consent to collect their personal data. Chinese legislation in this area is largely based on European experience and GDPR standards.
In Japan, the Personal Information Protection Act has been in force since 2005. It aims, in particular, to ensure the right of Japanese citizens to privacy.
In order to be compliant in terms of personal data protection, a website must contain documents that explain to users how their personal data will be collected, stored and processed. These are the Privacy Notice, Cookie Policy, and Terms of Use.
Depending on the business, in many cases, it is mandatory to have documents such as “Delivery Terms”, “Disclaimer”, “Payment Terms”, “Return Terms”, etc. on the website.
Regardless of the nature of the business, the resource owner is obliged to clearly inform users about the collection, storage, and processing of their personal data, as well as to obtain the user’s consent for all these actions. To do this, you can use pop-ups, banners, flags, buttons, checkboxes, or other elements on the website. They must contain information about what happens to the user’s personal data if they consent and allow them to opt out of its collection.
Requirements for advertising activities
Before creating an advertising or marketing campaign to promote on various platforms, such as Amazon, Facebook, and Google, it is important to study and take into account the rules and restrictions regarding advertising and promotion.
Each of these global platforms has its own rules and requirements that determine acceptable types of content, prohibited topics, audience restrictions, keywords, etc.
Failure to comply with these rules may result in the rejection of the project, suspension of advertising, or blocking of the advertiser’s account.
Avitar’s experience
In our work, we deal with compliance on an almost daily basis. We work on the compliance of our website and other marketing tools.
In addition, as a team of IT lawyers, we work closely with clients to ensure compliance with legal requirements regarding their products, services, marketing tools, and advertising campaigns.
The main task for clients is to use our help to understand the requirements of laws that “attack” from three sides:
- laws of the country;
- laws of industry;
- and laws relating to online activities.
It happens that a company creates a wonderful product, and marketers think through the details of the system for promoting this product. But the platform where they want to launch the campaign refuses to host it at the very beginning due to non-compliance with privacy requirements.
We have encountered situations where an international financial operator simply did not connect a website to a payment system because the website was non-compliant.
There are countless examples of this. Compliance does not begin with the launch of an advertising campaign, but much earlier. And if, from the very beginning, the company’s marketing activities are conducted in compliance with all requirements within the country, industry, and online space, then any platform will accept your advertisement, and the user will confidently click the button and buy your product.
Conclusion
Marketing compliance is a prerequisite not only for launching an advertising campaign, but also for starting a project in general.
Since compliance with rules and regulations on the Internet is a technical, marketing, and legal issue at the same time, product compliance and promotion can only be ensured through joint efforts.
Do you want your campaigns to be effective and compliant with all regulations? Contact the professionals.
