GDPR For Affiliate Networks

Beyond The Compliance…

If you are like us, you will have been thinking about GDPR for affiliate networks for some time. It may be something you are genuinely excited about or, like 99.9% of the industry, something you wish would go away and die. Either way, you should have been preparing.

Surprisingly, unlike data owners, the affiliate networks compliance process is not overly complicated. Providing you are insisting on complete transparency with your affiliates and taking a zero tolerance stance on anyone driving traffic that has not proved they are compliant through a lengthy validation process, you are good to go.


Covering your arse from the inevitable ICO dark cloud over the industry is only half the battle. You may well have all the t’s crossed and i’s dotted when it comes to compliance, but you do not have magical powers. If someone is going to be naughty, no amount of paperwork or screenshots proving their opt ins will stop them.

Like the latest car security technology brings out new, inventive ways for thieves to steel them. There will always be people that make it their priority to test the system and try to beat it. If you are unlucky enough to be working with one of these people, you could have a whole new battle on your hands.

The clients you value most, are about to have a huge new reason to question whether you are the best option to manage their traffic. Regardless of moral blame, if your affiliate pushes the boundaries and gets caught, your world of pain could very well be winging it’s way back to the advertiser. Not a great position for the network to be in when you have spent your time building all important trust.

What should we do?

1. We have to be brutally honest about our affiliate base. If like us you have affiliate managers that have solid relationships in place, this will be a tough process. We are fortunate enough to boast an extremely low reversal rate in 2017.

If I said I know every single affiliate however, I would be lying. In fact, if anyone from a network told me they have complete faith in every single third-party affiliate they work with to follow GDPR to the letter. I would call them a liar.

2. We have to get extremely targeted with our offer/affiliate pairing to ensure minimal risk. This will absolutely lose us revenue initially. It will definitely come good however, once we adjust our strategies inhouse.

3. Explore more traffic options with our clients including display, social, video and host & post. We all have those clients that won’t budge from a particular traffic source however now is not the time to be close minded.

We should be educating our clients on GDPR and the risks to their brand. By showing them another avenue for success, they should see you as an authority on the subject and open up.

4. Ensure we are maximising opportunities in regions outside the EU. There are tons of opportunities to explore if we can commit to a long-term strategy and accept the short to medium term struggles.

5. Offer some of our most trusted clients full transparency on the affiliates running their offers. If you are a blind network, I understand this goes against the grain however we are entering a new era here and old school rules don’t apply.

People that have been working with us for years could have gone direct at any time and haven’t. It’s time to have a little trust.

6. Challenge the hell out of our affiliates daily until we are satisfied with their process. Then when we are satisfied, challenge them again because the second we give them an inch, they will take a mile. I fully expect our clients to hammer us with the compliance stick every single day. I am ready for it!

7. Share best practice with everyone in the team. It only takes a couple of people not knowing what to look for in a report. Or not having the urgency to jump all over a potential problem, to create a world of pain for the network and the client.

8. Become best friends with our DPO (Data Protection Officer). Unlike most of us that wear a permeant sales hat, these people love this stuff. Use their constantly improving knowledge base to stay up to date with the inevitable changes in year one.

9. Embrace GDPR and live it! Make this the number 1 priority in the first 4 months of 2018, or we will be punished. Let it absolutely consume us until we are dreaming about it in our sleep. It is not going away so if we want to succeed in 2018, it must form part of our strategy.

Over to you…


Leave a Reply