How Does GDPR Impact Your SEO Strategy?

Search Options
Blog Search
Sign up for our monthly marketing trends enewsletter
  • 7/12/2018

    Are you hearing the term GDPR buzzing around the office? Many of our clients have been wondering, “What is GDPR, and how will it impact my business’ SEO?” Well, our optimization team at thunder::tech is here to save the day. We’ll provide you with the information needed to catch up on GDPR, assess the potential impact on SEO and what steps you can take to make sure you’re following best practices and creating a great user experience for your customers.

    What is GDPR?

    In the past, data privacy in the European Union (EU) consisted of directives. According to, these directives were made up of minimum conditions, leading to conflicting data requirements amongst the EU countries. This brought about the need for consistency and, eventually, led to the creation of GDPR. GDPR, or General Data Protection Regulation, is a European Union regulation created to increase consistency for data protection and collection for those living in EU member nations.

    This new regulation was designed to change the way companies view privacy in the hopes of reducing data breaches in a world inundated with data and technology. By reducing data breaches and limiting the use of user information, the EU is striving to provide better rights for its citizens.

    Below, is a list of GDPR’s requirements focused around eight fundamental rights people now have over their personal data:

    • Right to be informed
    • Right of access
    • Right to rectification
    • Right to be forgotten
    • Right to restrict processing
    • Right to data portability
    • Right to object
    • Rights in relation to automated decision-making and profiling
    When did GDPR begin?

    GDPR was passed in mid-2016 with a two-year transition period. Actual enforcement of this regulation began on May 25, 2018, with no grace period for those companies that may violate it.

    My company is in the U.S. Can’t I just ignore GDPR?

    The answer is quite simple. GDPR affects any company processing the personal data (such as an email address) of EU citizens even if the company has no physical location or business transactions in the EU. In other words, it can affect any company anywhere.

    What will happen if I don’t comply with GDPR?

    Failure to comply with GDPR regulations can result in fines as great as 2-4 percent of your company’s revenue depending on the severity of the violation.

    Does my company website need to be updated because of GDPR?

    Our optimization team has the answer to GDPR’s impact on SEO along with a quick list of potential signs indicating that you might be receiving EU traffic. Here’s the scoop…

    GDPR’s impact on SEO

    Currently, there are no immediate changes to Google’s ranking factors based on GDPR. That being said, there are factors that may be impacted in the near future. So, keep an eye out for warning signs such as the following, as these will be critical to staying in front of changes:

    • Increasing page load speeds
    • Decreased form submissions
    • Decreased goal completions

    Beyond spotting trends, what other small changes impact the world of SEO?

    How using cookies can impact SEO

    The increased use of cookie consent pop-ups due to GDPR has become a concern for SEO practitioners when monitoring page load speeds and user experience, both of which are ranking factors for SEO. Cookies have the potential to impact the page load speed of a web page depending on the size of the cookie and the number of requests. For example, if we have 6 KB of cookies per request and make 120 requests, that is 720 KB of extra data being passed between requests potentially leading to decreased page speed performance.

    Cookies not only impact page load speeds but also the user experience, which has been shown to affect search engine rankings. In most cases when a user visits a web page and a pop-up appears, it causes a poor user experience, leading to either a bounce or consent of data. Now, in order to stay compliant with GDPR, many users have added cookie consent pop-ups to their sites, potentially impacting a user’s experience. This change in consent could lead to users bouncing due to confusion or poor page load as mentioned previously.

    Why am I seeing fewer goal completions/form submissions?

    The enforcement of GDPR has removed automated consent, requiring users to now manually consent to marketing materials and data collection. Users will now have to complete extra actions and check boxes for specific marketing materials, potentially decreasing form submissions and goal completions. In example, UK publisher The Guardian recently made changes to its consent forms in compliance of GDPR.

    To make sure users have the best experience possible on the site, we recommend your goal tracking be clear and that you have active consent requests. Make sure you’re collecting only relevant data, keeping the number of fields to a minimum. This will create a better user experience despite the active consent requests and keep your company GDPR compliant.

    Potential indicators you could be affected by GDPR

    Many of you are probably wondering, “How can I tell if my company is being impacted by the GDPR changes?” Our team of SEO experts put together a quick list of indicators that you may be targeting EU residents:

    • Language translations
    • Hreflang tags
    • EU currency
    • EU subdomains
    • EU subfolders
    • Referencing EU news, culture, etc.
    • Mentioning EU information in content

    Odds are, if your company is doing one or more of the items listed above, you would be required to collect and store data according to GDPR regulations.

    How should I make my SEO strategy GDPR compliant?

    How does GDPR impact my future SEO strategy? Did SEO best practices change? Should I be aware of upcoming changes to ranking factors? These are all common questions we’ve been asked over the past few months leading up to GDPR’s enforcement. Well, you’re in luck! We’ve outlined what you should and should not do in your SEO strategies and what to watch out for in the months to come.

    What you should not do in your SEO strategy post-GDPR

    We realize SEO in the era of GDPR seems like a big undertaking. At this point, you might be trying to think of a clever way around GDPR—blocking all web traffic from the EU, redirecting all EU traffic to a GDPR compliance page or even showing EU users one page while showing Google something different. While some companies have engaged in these practices, our position is clear: No way! Below, we’ll break down how each option impacts your SEO efforts.

    1. Why can’t I block all traffic coming from the EU?
    There are a couple of reasons from an SEO perspective why we would not want to block all traffic from the EU. First, blocking all traffic from the EU will block bots and crawlers, potentially blocking EU links to your site. This, in turn, can lead to a possible loss of backlinks, a decrease in domain authority and fewer referring domains. All of this ultimately would have a negative impact on your positioning in search engine results pages (SERPs).

    Second, if you block all traffic from the EU, you’re ultimately creating a poor user experience for any non-EU citizen travelling or living abroad. For example, if an American citizen was to go to an EU member nation and attempt to check your domain based in the U.S., he or she would be blocked from viewing the site.

    2. Can’t I just redirect all traffic to a compliance page?
    No, and here’s why: Google also crawls your site. So, sending everybody to a compliance page will in most cases result in you losing your EU rankings.

    3. What if I show Google one page and EU users another?
    Definitely don’t do this! This is considered cloaking, which will always negatively impact your site’s SEO and likely result in a penalty from Google. What is cloaking? Cloaking is an SEO technique used in the past to deliver crawlers a different piece of content than the user in hopes of tricking search engines. For obvious reasons, this now results in penalties.

    What should my SEO strategy focus on in a post-GDPR world?

    As mentioned previously, the enforcement of GDPR has little impact on most SEO ranking factors. That being said, you still want to make sure you’re following SEO best practices through page titles, meta descriptions, URL structure, crawlability, website security and more. Below are some areas on which to focus your SEO efforts to boost visibility while staying compliant.

    Meta Data – focus on creating relevant, keyword-focused titles and meta descriptions. Provide users who are searching for your brand’s keywords with an enticing title and meta description encouraging them to click through to your site.

    URLs – review URLs for a keyword focus as well. This will help users and bots know what each page is about.

    Crawlable Pages – regularly check to ensure there are no crawl errors associated with your website and robots.txt file. Also, create and follow a process to ensure your site’s images have alt text, videos are transcribed and that you’re following technical SEO best practices.

    Clear Headings – create headings that are clear and relevant to the topic on the page. Using relevant and clear headings can decrease bounce rate while improving the user’s ability to scan the page for required information.

    Website Security – take the steps needed to make sure your website is safe and secure for users. Google has made it clear sites with HTTPS/SSL will receive a small boost in rankings compared to those without. Website security has become an increased focus for search engines over the past few years.

    Following these steps will help your website remain relevant, optimized and secure for all users.

    What is GDPR’s impact on the future of SEO?

    The future of SEO is constantly changing, requiring webmasters, SEO specialists and marketing teams to adapt quickly and efficiently. The EU’s GDPR is a great example of how quickly a change can occur. Currently, there are no immediate changes needed for your SEO strategy. However, it’s safe to say that Google’s ranking factors may change to reflect the guidelines instituted by GDPR as security and safety become an area of increased focus.

    For now, best practice is to stay as compliant as possible with GDPR. Focus on SEO best practices, keep your forms as short as possible to only collect relevant information and begin taking data privacy steps to prepare for potential global changes using GDPR as a model for best practice.

    DISCLAIMER: All data and information provided in this blog post are for informational purposes only. thunder::tech makes no representations as to the accuracy, completeness, currency, suitability or validity of any information contained herein. We recommend consulting with a legal professional for any legal advice pertaining to GDPR compliance.

    About the author::Dan Lyons is an Integrated Marketing Coordinator at thunder::tech. He develops and implements well-rounded digital campaigns that help clients achieve their business goals. He's best described as a positive, hard-working person who enjoys working out and a good laugh.
  • Google Marketing Live 2018 Brings Platform Changes
  • 980
  • Are You a Content Creator? Instagram's IGTV Says Yes, and Here's Why
Sign up for our monthly marketing newsletters