Facebook is implementing strict policy changes to protect its users. These changes are also in response to the GPDR– General Data Protection Regulation being applied in the EU on 25th May, 2018.

Are these policy changes relevant to businesses operating outside the EU?

You betcha!

They apply to all businesses that process personal data about individuals in the EU, regardless of where you are based. So, if you have just one subscriber who happens to live in Hamburg, Germany, it applies to you. Even if everyone on your database currently lives in Australia, if one person decides to move to the EU, you need to be prepared… and protected.

It’s also important to note that ‘processing’ refers to anything related to personal data including how you collect, store, use and destroy that data.

Facebook is committed to supporting and adhering to the GPDR and will also implement new policies on 25th May that will affect all Facebook businesses, advertisers and importantly, end users.

Some of the benefits of the new Facebook policies and the GPDR:


  • Protect the rights of individuals
  • Give people more control over how their information is being used
  • Help remove ‘dodgy’ advertisers
  • Prevent ‘scraping’ of personal data for advertising purposes
  • Make businesses (and Facebook) more transparent
  • Create a safer experience for all users


It’s important to note that this is not just a ‘feel good’ band-aid solution.  Failure to comply with the GDPR can result in significant fines.

I’ve outlined four measures you can easily implement to ensure you’re in compliance – both on your business website and your social media platforms…. in particular, Facebook.


  1. Gain their permission

If you use a tracking program on your website such as Google Analytics or Facebook Pixel to track your website visitors, your privacy policy needs to be updated. You must clearly state to your users that you are using cookies to collect and analyse their information and that you may use that data to present them with further advertising.

If you want an example of this in action, visit my website, scroll to the bottom and you’ll see my privacy policy. Just click on it, have a read and it will make sense.


  1. Pop on a Pop-up

I recommend you use a pop-up on your website letting visitors know that you use cookies to collect their data. On my site, this is stated as simply as “This site uses cookies. By continuing to browse the site, you are agreeing to our use of cookies.” Include an ‘OK’ or ‘Yes’ button for visitors to click to acknowledge they are aware of that term and agree to proceed.


  1. Your database = your responsibility

If you have a mailing list or database, or are using a client’s list, you can upload that to Facebook and advertise to those potential customers. It’s a really powerful tool, but you need to be responsible for that list. Just as someone who opts in to your website eg: subscribes to your newsletter you need to gain their permission before you market to them. The same rules now apply to Facebook advertising.

In the past, people could purchase programs that would ‘scrape’ data from various platforms and upload that information to Facebook and market to these people. They have no connection to them, no relationship building and, until now no way of preventing that level of ad-hoc mass marketing.

How will Facebook know if you’re using a ‘scraped’ list or one where users haven’t given their permission? Easy! If your ads continue to receive negative feedback from people, Facebook will be looking into why.

So, if someone gives you their personal information: name, email address, phone number, they need to know exactly how their information is going to be used. Once again, review your privacy policy and ensure people on your mailing list know how you intend to use their information. As well as updating your privacy policy it’s a good idea to include a line on the bottom of your emails, newsletters and other marketing material.


  1. Facebook page verification

If you have a Facebook page with a large number of followers (Facebook is yet to verify what that number is) your page admins will be asked to verify that page, to make sure the page represents a real business or entity.

You may need to provide proof eg: official documents showing your business's name and address. To do this, you simply go into your page settings where you will see a section to verify your page.


I’m here if you need me

Facebook is changing every day. As I hear more, I will let you know. If you do things correctly, you won’t have anything to worry about and you can continue using this incredible platform with great success.

If you’re concerned about the changes and would like assistance in ensuring you are in compliance, please message me on my Facebook page or contact me through my website. I’d be happy to help!