Embracing Compliance to Drive Ecommerce Growth

By Tony Marshall

Whether you are fresh to ecommerce or have been trading for several years, it’s likely that the word compliance, and more likely the acronym GDPR, has given you a headache.

As a self-confessed data protection geek, I have embraced compliance and GDPR, but I appreciate that for the vast majority, you will either wonder why you should bother to comply; or desperately hope it all goes away.

Here’s the rub: it isn’t going away and we do need to comply. In fact, many of the rules and regulations around GDPR are well founded to protect us all, now and in future.

So, get with the programme and find out how making small steps in the right direction, could also drive more sales and in fact enhance your brand.

Step 1: Get your cookie banner right

Some data protection folk will simply say; “you must have a cookie banner and it must give customers the option to accept or reject easily”. Great advice BUT that’s not where you should stop.

A good banner, such as One Trust’s* version can help you massively. *Disclaimer: I am in no way affiliated with one Trust, it’s just a good banner.

• For example, think about the positioning, will it take over the page or be tucked away at the bottom?
• Will it have an X button so that users can click off of it rather than click accept/reject? NB this could mean cookies do not drop and could cost you money in terms of visitor stats and analytics.
• Will you create a preference pop out that allows visitors to make individual categorisation choices such as selecting functional cookies, performance cookies etc?

Get the banner right and you can harness the power of Google Analytics to make extra revenue.

Google Analytics

That’s right, a data protection guy says ‘use GA’. The use of GA is another blog for another day. If managed correctly and If you are fully transparent to your customers that you use GA; how you use it; and perhaps more importantly, how Google manage their data, you can create extra traffic and more revenue. It just has to be managed properly – that’s where the cool part of compliance kicks in, because getting GA set up correctly could transform your business and compliance plays a huge part in that journey.


If you are new to e-commerce or are a growing brand it is possible that outside of your core customer base, visitors will be reluctant to trust you and trust that you will manage their data responsibly.

This is where a Privacy Information Strategy can help you to ease concerns and ensure that a visitor is confident that you are trustworthy.

I don’t think for one minute that 100% of website visitors are thinking ‘I must read that privacy and cookie policy’; however, if you reference it at all points of data collection, I guarantee it will help build trust.

Privacy Notice

This is the dull looking page on websites that people rarely read, because most brands still get it wrong. Don’t copy and paste one from somewhere and please don’t include lots of legal jargon. Keep it simple, make it easy to find, easy to understand and make sure you include the details that build customer trust. For example, what data do you collect; what do you do with it; how long to you keep it for; and which third parties do you use to process their data.

More on this in another blog soon.

Email marketing

Many brands get this wrong. At best, using unlawful pre-selected boxes, at worst, by not informing customers what marketing they intend to carry out using our data.

Are you more likely to consent to marketing if a brand or company has been explicit about how often they will send you marketing emails and what the content is likely to be?

• Reference your privacy notice at every point of data collection
• Add a section to your privacy notice telling people all about your wonderful marketing campaigns
• Make compliance work for you

Compliance is so much more than a tick box exercise and it’s not about avoiding huge fines. Let compliance work for you, use it to build trust in your customers and start to trust it yourself.