Check Out Our All New Podcast Resource Center!
Jan. 15, 2021

Data Privacy Regulations – What You Need To Know with Dean Shapero

Data Privacy Regulations – What You Need To Know with Dean Shapero

Andy discusses data privacy regulations with Dean Shapero of Invisit.

New regulations have been passed where website owners need to discuss how they are tracking their users. From CCPA (California's Consumer Privacy Act) to Facebook Limited Data Use, data privacy regulations are here to stay.

Discover how to easily become compliant using Invisit.co and strategies becoming compliant can help increase your profitability.

 

ABOUT THE HOST:

Andy Splichal - Make Each Click Count PodcastAndy Splichal is the World's Foremost Expert on Ecommerce Growth Strategies. He is the acclaimed author of the Make Each Click Count Book Series, the Founder & Managing Partner of True Online Presence and the Founder of Make Each Click Count University. Andy was named to The Best of Los Angeles Award's Most Fascinating 100 List in both 2020 and 2021.

New episodes of the Make Each Click Count Podcast, are released each Friday and can be found on Apple Podcast, iHeart Radio, iTunes, Spotify, Stitcher, Amazon Music, Google Podcasts and www.makeeachclickcount.com.

Transcript

Andy Splichal  0:02  

Welcome to the Make Each Click Count podcast. This is your host, Andy Splichal. And today I'm being joined by a special guest to discuss Your Client's Data Privacy. He is the CEO and founder of a company called Invisit. Invisit helps business businesses manage data regulations such as CCPA. That's the California Consumers Privacy Act. And Facebook limited data use in an easy to use way. Definitely a new subject for a new year. Let's give a big welcome to Dean Shapero. Hello, Dean.

 

Dean Shapero  1:23  

Nice to meet you. How are ya?

 

Andy Splichal  1:25  

Great. Great. Well, thanks for joining us today.

 

Dean Shapero  1:29  

My pleasure. Thanks for having me.

 

Andy Splichal  1:31  

Now, before we dive into today's topic of data privacy regulation, let's hear a little bit about your backstory and how and why you found it Invisit, how long it's been around how it started, how it got its name, all that kind of good stuff?

 

Dean Shapero  1:48  

Yeah, yeah, absolutely. So I have been in the data space for most of my career at this point. And really, you know, the data space is now kind of intertwined with the privacy space with everything emerging from a regulatory standpoint affecting how data can be used. So I was at Hearst, which is a big media company in New York working on some of their data monetization efforts. And then at the end of 2019, CCPA, the California Consumer Privacy Act, really, the first major US data privacy law was just about to come out was coming out in early 2020. And I was watching all of the massive headwinds and change that were affecting how data is used on the internet. So that's when I realized, like the massive necessity in market to build easy to use privacy management tools, it seemed obvious, this was not something many internal companies could handle on their own, even even large companies, corporations, but obviously all the way down to like the mid market and growth and small business type companies as well. So that's what we set out to build. And in the process last summer, something really interesting happened. So in the summer, July, specifically, CCPA became effective. So it was it started technically, in January, but it wasn't enforceable until July 6 month Regency period, when it became enforceable, a really important trend happened. And that was the channels like Facebook, like Google began implementing their own privacy rules, basically saying, Okay, there's this new privacy law CCPA. We as Facebook, let's say, you know, we don't want to have to deal with this. So you as the business owner who wants to advertise on Facebook or Instagram, you have to deal with it. And you have to do all these special new technical changes on your site. To guarantee your data privacy compliance with Facebook, basically making sure Facebook has all the right information. And what we found really quickly was that no one was were no one was responding correctly. No one was implementing these technical specifics of privacy the right way. And it was causing substantial revenue loss. Things like campaigns being pause, or having huge amounts of users removed from retargeting pools was really affecting industries of all sizes of all you know, all types of verticals, of course, but especially the E-commerce vertical. And that's when we decided we should focus on this specifically in this vertical specifically. So in October, we did our release of what we call revenue loss monitoring. Basically making sure businesses are compliance with the channels when they want to use data, making sure you know, you're not losing any Facebook conversions or Google conversions as a result of privacy mismanagement, basically. And that's where we are today.

 

Andy Splichal  5:15  

All right, cool. Well, let's, let's take a step back. Can you explain to those that might not have even never heard of the CCPA? The California Consumer Privacy Act, what that is and what it does?

 

Dean Shapero  5:29  

Absolutely, yes. So the CCPA, like I said before, it's the first major US based privacy law. And these privacy laws are starting to pop up all over the globe at this point. And what they all pretty much boil down to CCPA included, is giving your site visitors more access and control over their data over what information is being tracked and collected about them and how it's being used. So it's CCPA. And this is pretty consistent with most of the data privacy laws, there's a few main elements that are necessary that every site visitor or sorry, every website owner should be giving to their site visitors. And that's basically a form cookie banner or some other type of mechanism that lets people know what vendors like a Facebook or Google Analytics are collecting data on them. And then a basically like a request option, where site, visitors can say, hey, I want to access my data, I want to know what you have collected on me, I want to delete my data, I want you to erase it from your, you know, store wherever you would have it stored. And I want to this is a very poorly phrased clause, but it's called the right of do not sell my data where you can, site visitor can say, please do not sell my data. Now, that does not mean actually going in selling someone's email address for a few dollars. It's referencing behavioral targeting, behavioral Advertising targeting. So that essentially means for, you know, giving people a way to opt out of any data targeted marketing.

 

Andy Splichal  7:20  

Now, so this law, is it for businesses that are in California? Or is it for businesses anywhere for users that are in California,

 

Dean Shapero  7:34  

The latter? That's exactly right. And I think that's something that some businesses might miss anyone doing business on the internet has to adhere to these laws, if they have a site visitor, they have site visitors coming from California, so everyone must adhere to this and give these options to people in California. And probably pretty soon it seems like it's going to be a nationwide regulation. So at some point, in the very near future, this will be something that everyone has to do for all of this site visitors.

 

Andy Splichal  8:09  

You know, I was aware that this has been a big thing, like in Europe in the UK. But just recently, and probably just the last few months, I'm located in California, and I see it quite a bit more with that banner to accept cookies and such. That is the CCPA compliance?

 

Dean Shapero  8:32  

That's exactly right. And a little fun fact specially for you know, all of the E commerce stores out there, the those cookie banners, that's exactly what they're for. They're for CCPA. But you don't actually have to make them cookie banners, when we encourage our clients to do this is literally is the CCPA law. It says a possible way of exercising your CCPA rights can be a little button in the footer of your page like where you might have about us or contact us or Privacy Policy and Terms of Use. You could put a link in there as well that allows California visitors to you know, click the button and see a form and say hey, I want to ask this or delete my data. That's a completely acceptable user experience. And in my opinion, I think most people's opinion way better beside experience that nice cookie banners everywhere.

 

Andy Splichal  9:35  

Yeah, no I agree. I've been before I really knew what they were kind of scared me. Definitely side is this and most times I was just leaving unless I really wanted you know what it was. Now, with with your solution. How does it work? Is it a code you put in or how does that work?

 

Dean Shapero  9:56  

So what our thesis as a code To me is is we want to take all of the burden on all of these things away from you. Especially know, you know, we focus pretty heavily on the E-commerce market. We always joke, we're like, you worry about selling your product, we'll worry about privacy. We'll do it all for you. So if many of our clients are on Shopify, so Shopify clients, they just click at, you know, it's an app on Shopify, they click install, and it's all handled for them. For non Shopify clients. Yeah, it's simply a line of code that they put in their header. And it manages everything from giving site visitors all CCPA rights and options over their data, in addition to passing all the Privacy Technical Requirements, to Facebook, to Google to make sure you are in compliance with their standard. So your performance and your campaigns are not affected in any way.

 

Andy Splichal  10:58  

Now, when I hear about privacy or anything, website security, I always the first thing that jumps to my mind is protecting the customer order information, their credit card information such like that. But that's completely different. We're not talking about that at all right?

 

Dean Shapero  11:15  

Yeah, it's funny, cybersecurity and privacy, I always joke, they're like kind of two, the two different sides of the same coin, where what you're describing in cybersecurity is making sure that data is in breached, you know, preventing it from bad actors, from hackers. Whereas privacy, it's a similar mindset, but the opposite. It's like it's giving individual people access over that information. So if I, you know, made a purchase, on, you know, whatever on Macys.com, and they have information on me, they know who I am, they're probably using some retargeting and data, you know, collection tactics on their site. I, as a consumer, have the right to request to Macy's, hey, I want to know what information you have stored on me. And I also may want to delete it. And I also may want to opt out of any data driven targeting tactics. That's really what the emergence of privacy boils down to.

 

Andy Splichal  12:27  

Okay, yeah, no, that that's a great way to clarify that. Now, I guess a big question that listeners might have they have ecommerce stores is why should I even worry about this data privacy issue? I mean, it's a new, is anything going to happen? If I don't install it, whether or not I'm in California or not?

 

Dean Shapero  12:49  

Yeah, what is driving us crazy, we're trying to scream from the rooftops is that not doing anything will cost you actual money, will cost you revenue, will cost you conversions. And hit let me explain why. If you are not informing Facebook, of the compliance status of your site visitors, basically what I mean by that is, Hey, what is Facebook wants to know, who's opted, then who's opted out to receiving targeted advertising from your business? So things like retargeted ads, Facebook wants and requires you to tell them who's opted in who's opted out. If you don't do anything, Facebook will not show up site, you know, site visitors when they go on to Instagram targeted advertising from your business. So we saw in q4 alone, hundreds of millions of dollars, we're still calculating the effect you're thinking might be upwards of a billion even. We're lost just in q4 from privacy mismanagement on Facebook, because huge amounts of retargeting campaigns essentially delivered nothing, or resulted in minimal conversions, because privacy business was mismanaged. Now, it's so important. I'm sorry, go ahead.

 

Andy Splichal  14:12  

Well, were they not showing those ads to California users? Or was this across all the campaigns,

 

Dean Shapero  14:20  

Both of those situations we've seen and there's two distinct issues that we see the most out in market and we so add in visit, we also operate like a Privacy Scanner. So we basically monitor all the different compliance standards or compliance events happening across, you know, hundreds of 1000s of ecommerce sites daily essentially. So the two main issues that we saw, are more prominently not doing any compliance updating with Facebook. And in that event, mainly California users will be removed from retarget you can't It pains and you don't get notified. It's not like a creative being flagged as a big error. Facebook just doesn't it's like you didn't tell us what they're what particular side business compliance status was. So we're not including them in a retainer retargeting tool, for example. So that affects California sales dramatically. The other issue we see very often in market also is businesses tried to implement the Facebook compliance status. But they did it incorrectly. And as a result, they're accidentally telling Facebook to remove everyone from retargeted advertising tactics and other data driven campaigns. We see it all the time, we see the code loading accidentally opting everywhere from targeted advertising. And that can lead to catastrophic results. And it happens way more often than you realize.

 

Andy Splichal  15:54  

And you talked about not serving on Instagram. Is it just Instagram? Or was it not serving on Facebook as well?

 

Dean Shapero  16:01  

Both exactly. Any Facebook owned property? Even I don't know if anyone you know, any, your listeners leverage their audience, Facebook Audience Network at all. But yeah, any Facebook advertising property will be impacted by this.

 

Andy Splichal  16:16  

And now with your system? So do they connect in visit to their Google Ads Manager? How does it alert Facebook code of compliance?

 

Dean Shapero  16:28  

Yeah, that's exactly right. We automate everything. So once you install our software, you basically just type in your pixel ID that you use under your website, and then everything's automated. Like I said, earlier, we know that privacy world is getting so confusing and so overwhelming. We just take care of everything, like, put us on, we got you, we'll make sure you don't lose $1 Because of the privacy issues on your site.

 

Andy Splichal  16:53  

Well, it definitely seems simple. Now, what about Google what's Are there negative effects for not implementing privacy or conforming to the CCPA, using Google ads.

 

Dean Shapero  17:08  

Google requires something similar, their impact is not quite as dramatic yet. They just recently released something called restricted data processing, where they're asking businesses to alert you know, to inform Google, of every site visitors compliance status, much like Facebook. But in the event that no action is taken, then Google is not at least removing users from campaigns. So in that instance, if you don't do anything, it's not having as dramatic of a negative impact. But I suspect that will change in the new year, just because there's so there's, you know, CCPA, like I said before, only really has existed since July. So with increased scrutiny, I think Google is going to take a more extreme standard as well, like Facebook has done and I suspect all other major marketing channels will do the same, like we're pretty sure from our research and conversations Snapchat will be implementing something similar in 2021. So yeah, we believe and it seems like based on the trends, that every platform is going to require you the business owner, the commerce store, to update technical things on your site, alerting every marketing channel of compliance status.

 

Andy Splichal  18:42  

Wow, that's gonna be crazy. Now, I see on your website, that there are some different case studies where you're you're talking about how right now implementing the data privacy solutions driving increased ROI. Can you explain a little bit more how that's the case? Maybe share one of your favorite case studies with us?

 

Dean Shapero  19:05  

Yeah, you know, it's one of the case studies we discuss on our site that's, you know, invisit.io, anyone can go and check it out for themselves as well. But with a furniture ecommerce store saw about a 30% conversion increase in California, within a few days of implementing our software, and results like that we see pretty consistently, the reason being that you are likely you as the business owner or ecommerce Store, you're likely losing out on potential reach on potential, you know, prospects for your campaigns because of lingering privacy issues because the majority the vast majority of sites have not dealt with this. So what that means is Facebook's probably removing potential users from your campaigns without you even realizing it. So when you implement a privacy solution like ours, that properly communicates the Facebook, every site visitors compliance status, Facebook knows, oh, hey, all of these users that we didn't know if they were, you know, opt in or opt out, receiving targeted ads. Now, Facebook knows now they know that they can show ads to these people. What that means is you reach more people, more prospects or in your campaigns, and ultimately, you know, more efficient campaign more conversions, because of those extra users in your campaigns.

 

Andy Splichal  20:42  

Now, and it sounds like that there might be competitors, or those people in general in California that aren't receiving a ton ads, too. So you might really have the opportunity to stand out if you're an early adopter of this.

 

Dean Shapero  20:55  

Hate time, we've seen that a lot where you get a real increase in spike in you know, real spike in conversions, like almost immediately, because this is such a rampant issue, or so many people are losing out on their reach. So if you're the ones who implement this correctly, there's less competition for less users. So it's, yeah, you can see potentially strong gains as a result.

 

Andy Splichal  21:19  

Now, data privacy, it seems to be a new topic, but definitely it's becoming more common to hear discussions. Now, quick questions. So put you on the spot here, if you were to be knows Nostradamus, where do you see data privacy going next, you know, three to five years?

 

Dean Shapero  21:39  

Well, I think in the next, even one to two years, we'll see a US wide privacy law similar to CCPA. So I expect that to be mandated across the US, I think pretty soon, privacy is not going to be like this, this little thing you hear about or, you know, you see, like a digit day article on or something, I think it's going to be a standardized necessary compliance, check that every single, you know, digital transaction based business will have to implement on their site much like, you know, basically, every site has to have SSL compliance, you know, to inform visitors that your order form on the internet in general, that you are a secure website, I believe that every single website will be required to put in these data option controls for their site visitors, I think that's an irreversible trend, every single site, visitors will have the option to control their data to access their data to request opt out, or deletion of their data from nearly any business are really good, comparable, that's also probably relevant and interesting for your listeners, is accessibility, compliance, ADA compliance. That's another new trend, it's a few years ahead of privacy. But it basically mandates that you have to put in, you know, accessibility tools for people who might be disabled in various ways. So they can still use your site. That's that's a, you know, a lot of regulation, a legal rule, all the galley needs to follow. I expect very similar things within the next few years for privacy, where you are, you're required to give all of your site visitors control over their data.

 

Andy Splichal  23:34  

Now, let's let's talk about invisit, how does your pricing work if if somebody is interested in and becoming an early adopter of this?

 

Dean Shapero  23:45  

Yeah, so what we try to do is make flexible pricing. So it's usable for websites of all sizes, so it ramps up by Unique Visitors. So the bigger the site, the more that charge will be the smaller the site, you know, it's pretty affordable cost just goes up by about $30 per 10,000 Unique Visitors. So yeah, on the small side, it's arbitrary price and make sure you're in good standing and then obviously, as it ramps up. So there's the pricing, but and again, so as the amount of money we help save, so it's it's accessible for people or for merchants and ecommerce stores and businesses of all sizes.

 

Andy Splichal  24:29  

And are these annual contracts monthly contracts. How does that work? Just a

 

Dean Shapero  24:34  

monthly contract. Yes, you pay as you go. And hopefully you like the service and it does its job so efficiently that it's a it turns into an annual deal but as a result,

 

Andy Splichal  24:46  

okay, and where does the pricing start? Let's say I'm like a small ecommerce store. I don't know not kind of traffic. 5000 visitors a month?

 

Dean Shapero  24:57  

Yeah, it's the smallest price what it is just $20 a month. So at that point and a lot of the, you know, up and running or up and coming ecommerce stores, yeah, it's only 20 bucks to have all the compliance you need handled.

 

Andy Splichal  25:13  

Well, it sounds sounds like a no brainer. I mean, you're not breaking the bank, and you're making sure that your compliance issues are handled. Now.

 

Dean Shapero  25:22  

You know what, that's what we try to frame ourselves on. Because like I said, I know this is a confusing and difficult issue. So we made sure that we can make this easy to install and accessible for, you know, the small businesses of the world.

 

Andy Splichal  25:37  

What's great. Now if somebody wanted to learn more about your data privacy solutions,  what would be the easiest way to get a hold of you in invisit?

 

Dean Shapero  25:48  

Yeah, so our website and visit.io has great educational resources. And we have a pretty active blog, that I encourage people to check out just to stay on top of all things data privacy that might be impacting them. And your listeners, can, you know, feel free to reach out to me as well, personally, if they have any questions on data privacy, I'm reachable at Dean, my first name dean@invisit.io. Yeah, feel free to reach out. And I'm happy to help out anyone who's trying to navigate some of these complexities.

 

Andy Splichal  26:24  

What's nice, thank you, Dan. Now, I almost hate to ask, but we're only starting at 20 bucks a month. But do you have any special offers or incentives going right now for listeners who who might be inclined to become new customers? 

 

Dean Shapero  26:38  

Yeah, absolutely. We're happy to offer your listeners a deal if they want to, you know, give it a try. We'll put we'll give we'll provide a referral link that you can use in the description of this podcast when it's released. And your listeners are entitled to 10% off for the first six months of using the Invisit software. So if they want to give it a try, you know, for being such loyal listeners for you. We're happy to provide that deal.

 

Andy Splichal  27:07  

Great. Well, thank you so much. I think that's all the questions I had. Is there anything that I have overlooked or missed?

 

Dean Shapero  27:15  

No, I don't think so. I think the most important thing, though, is just reiterating that it's a it's a you know, a passive issue. It's something that not many people realize they're currently suffering from so and it's, you know, it's just starting, we're the first inning of privacy. So I encourage all your listeners and you know, friends and listeners spread the word, whether it's visited or not just look into data privacy, because this is something that could be impacted your sales, and it's only going to grow, especially this year. So check it out, you know, educate yourself, and hopefully you can save some money as a result.

 

Andy Splichal  27:55  

Perfect. Well, thank you so much, Dean. Well, that is it for today. Remember, if you liked this episode, please go to Apple podcasts and leave a five star review. And if you're looking for more information regarding Invisit and data privacy you can reach Dean through the email he just mentioned or through invisit.io and you'll be able to find his company's contact information in this episode show notes along with the link to save the 10% In the meantime, remember to stay safe keep healthy and happy marketing and I will talk to you in the next episode.