Is Your Video Marketing GDPR Compliant?

The amount of data circulating worldwide is rapidly increasing, so it shouldn’t come as a surprise that more countries are implementing data privacy laws to protect their citizens.

Some regions of the world are passing stricter legislation than others. For example, in 2000, Iceland passed The Data Protection Act, which states that data can only be collected for specific purposes and only when the subject has given clear and informed consent.

More recently, the EU passed GDPR, marking another piece of legislation regarding data privacy. Operating under data protection laws is simple for some industries in these countries and beyond. However, video production plays a significant role in digital marketing. These laws have more of an impact on this sector than they may have on others.

Continue reading to learn more about GDPR, the importance of videos being GDPR-compliant, and how to ensure your videos do not violate GDPR.

What is GDPR?

GDPR stands for General Data Protection Regulation. This law was passed in 2018 by the EU and regulates how businesses collect and use someone’s data.

The ultimate goal of GDPR is to allow citizens to gain control over their data, how it’s collected and how a business can use it. 

GDPR is structured with seven key principles in mind:

  1. Accuracy
  2. Purpose limitation
  3. Storage limitation
  4. Data minimization
  5. Lawfulness, fairness, and transparency
  6. Accountability
  7. Integrity and confidentiality (security)

Essentially, businesses in the EU and those that operate out of the EU or offer goods and services in the EU must use these seven principles to guide their data management methods.

GDPR is an all-encompassing regulation that businesses must comply with, no matter how little data they collect from citizens.

One important component businesses must consider when being GDPR-compliant is ensuring that they’ve received explicit consent from the individuals they’re collecting data from.

How GDPR Impacts Your Video Marketing

So, how does GDPR impact your company’s video marketing efforts? It’s no secret that developing a solid video marketing strategy can challenge some businesses.

One of the main purposes of using video marketing is to build a lasting connection with your audience. 

First off, videos can feature voices or faces, which are considered personal data by GDPR. This is because voices and faces can be used to identify an individual. 

Suppose a company wants to record testimonials from existing customers who’ve used their product or service. For example, the company would need written consent from each interviewee to use that footage to create a commercial. 

GDPR – Right to Deletion

There is one exception — if the company filmed groups of people at an annual company event or conference, they do not need to receive written consent from each individual.

However, they need to place signage or a clear notice near the entrance explaining to attendees that the event will be recorded. If someone chooses not to be recorded, they need to notify the organization, and they have the right to opt out. 

This may seem easy enough, right? Unfortunately, the GDPR also allows people featured in videos to request the deletion of their data (a.k.a, their presence in the video content). Removing someone from a video is not impossible, but it’s not necessarily easy. 

Any video production team would have to use innovative methods to “de-identify” the person requesting deletion. This may mean blurring the person’s face or removing their voice — ultimately, they should not be able to be identified from your video alone.

GDPR – Legitimate Interest

The GDPR recognizes that following these strict guidelines may not be easy for businesses. Therefore, the law also includes a “legitimate interest” concept.

In simple terms, legitimate interest means that a company would be able to use footage even if someone who once consented at one time chooses to withdraw their consent.

Legitimate interest includes a wide range of cases. According to the official GDPR website, marketers need to be specific in why they have a legitimate interest in keeping someone’s data available.

It cannot be generic like, “this video helps build our brand.” It would have to be more along the lines of, “we have a legitimate interest in using this video content and posting it on social media platforms to engage customers and increase sales of this specific product.”

Anything illegitimate, unlawful, or unethical would not be considered a legitimate business interest. Direct marketing is typically covered as a legitimate interest, but rulings are generally determined on a case-by-case basis. 

Remain GDPR-Compliant With Video Marketing

In general, GDPR does make it a bit more challenging for companies to pursue video production and keep data privacy in mind.

However, it’s essential for businesses that rely on video marketing tactics to understand GDPR, how it could impact their business and what actions to take to remain compliant. 

Thankfully, the official GDPR website has a helpful checklist page to help your business remain compliant while creating video content for marketing purposes.

Consider using this checklist or consulting with an attorney specializing in GDPR compliance to protect your videos, customers, and business.

Lavanya Rathnam

Lavanya Rathnam is an experienced technology, finance, and compliance writer. She combines her keen understanding of regulatory frameworks and industry best practices with exemplary writing skills to communicate complex concepts of Governance, Risk, and Compliance (GRC) in clear and accessible language. Lavanya specializes in creating informative and engaging content that educates and empowers readers to make informed decisions. She also works with different companies in the Web 3.0, blockchain, fintech, and EV industries to assess their products’ compliance with evolving regulations and standards.

Posted in Articles

Leave a Reply

Your email address will not be published. Required fields are marked *