Website Visitor Identification and GDPR Compliance
Discussion and examples of software vendors’ communications about GDPR compliance for their B2B lead generation tools.
Last Updated: August 2019
What Is Anonymous Website Visitor Identification?
In the context of a specific B2B (business-to-business) website operator, anonymous website visitor identification is the process of discovering which other companies and organizations are visiting that B2B website.
It is based on mapping IP addresses of the website’s visitors to specific end-user organizations, when possible.
(Note: The terms ‘visitor identification’ and ‘visitor tracking’ are often used somewhat interchangeably here.)
Once a visiting organization is discovered, it is then possible to identify potential prospect contacts at that organization. This is often done with the help of specialized B2B lead generation software tools.
The goal is timely, high-quality lead generation for B2B sales teams.
What Is GDPR?
GDPR stands for General Data Protection Regulation. It is a set of rules that went into initial effect in May 2018, impacting how organizations worldwide need to manage and use personal information (e.g., contact details) pertaining to citizens of European countries.
GDPR is relevant to anonymous website visitor identification because B2B sales and marketing teams need to be sure their tools and processes are compliant with GDPR for marketing to EU-based citizens.
EU regulators are already starting to levy substantial fines against companies that violate GDPR.
B2B firms selling to European customer prospects need to be GDPR compliant in their sales and marketing campaigns.
In this post, I take a look at how GDPR impacts B2B software tools for identifying website visitors, with specific examples of vendor GDPR compliance communications.
Why B2B Firms Care About Website Visitor Identification
Identifying anonymous website visitors is very useful for B2B firms that want to more fully leverage their corporate websites for lead generation purposes.
As we all know from our own personal experiences as online researchers and buyers, website visitors typically come and go without ever leaving contact details, making inquiries, registering for newsletters, or filling out website forms for premium content.
That’s just life in the real world of B2B marketing.
And that’s where these B2B website lead generation tools come into play.
Role of B2B Website Lead Generation Tools
Recognizing this need in the overall B2B marketplace, many software vendors have built tools that try to identify anonymous website visitors. Their purpose is to help B2B companies generate more sales leads directly from the stream of companies and people visiting their corporate website.
Core Software Features
These software products perform a number of lead generation functions that are designed with proactive sales teams in mind.
Features typically include:
- Mapping your website visitor IP addresses to organizations and geographic locations.
- Providing company firmographic data (industry sectors, annual revenues, main social profiles, etc.)
- ISP suppression… to ensure a high percentage of “valid” buying organizations get identified for sales consideration… not just various internet service providers who provide the visitors’ IP addresses
- Providing company contact lookups to help identify potential people for targeted sales outreach (emails, phone calls, etc.)
- Lead scoring, account filtering, realtime alerts, and other features important for timely and accurate sales follow-up
- Platform integrations with CRMs, marketing automation platforms, etc.
- Other proprietary value-added features
I’ve covered this category of B2B lead generation software in more detail in this post.
There are many vendors providing these tools today, and virtually all of them offer a free software trial period ranging from one week to a month. The most common trial duration advertised is two weeks.
Website Visitor Identification Vendors and GDPR Compliance
B2B software vendors with target audiences in Europe are working hard to comply with GDPR. This applies to their own marketing efforts as well as the capabilities provided by their products and services.
B2B lead generation software vendors do not want GDPR issues to be a barrier to user adoption of their tools. They need to address these possible concerns and objections in a clear and straightforward way.
They also want to avoid the possibility of heavy fines, of course. Not to mention the negative PR and media attention that may stem from being shamed as a GDPR violator.
Some vendors are fully GDPR-compliant today. Others are publicizing roadmaps to full compliance.
GDPR Compliance and Website Visitor Discovery
All of the mainstream software products in this segment are GDPR compliant. Some vendors just do a better job than others of communicating this to their customers and prospects.
For the most part, these solutions have a strong argument in favor of GDPR compliance.
Most of these tools do not identify individual website visitors. Instead, they typically use IP address and location information to identify *companies* that have visited your website.
They then use a variety of contact databases and other resources (LinkedIn, etc.) to associate specific people who may be good targets for B2B sales outreach based on the website visitor session data.
This is how you know ‘who is visiting your website’… as typically advertised for these software tools.
So at that level, these software vendors are in compliance with GDPR, and B2B companies can feel confident that they will also be in compliance with GDPR while using these products.
GDPR Compliance and Prospect Outreach
GDPR compliance seems a little trickier on the outbound prospecting side of website visitor discovery and follow-up .
These tools provide *potential* good contacts and prospects based on information known about the visiting company and location. Personalized 1:1 sales outreach via introductory phone calls and emails is fine, of course.
However, simply adding company contact email addresses to outbound marketing campaigns without explicit user permission (opt-in) would be a GDPR violation unless a convincing ‘legitimate interest’ claim can be made.
Examples of Software Vendor GDPR Compliance Efforts
I’ve collected several examples below of how leading companies in this software segment are communicating the GDPR aspects of their website visitor tracking products.
European Vendors Lead the Way
Since GDPR is about data privacy for European citizens, it makes sense that the software vendors based in the EU would lead the way in terms of proactive GDPR compliance.
I found this to be true when doing my research for this post. The vendors based in Europe tended to have the most visible statements about GDPR compliance.
US-based and other non-EU software vendors also want to market their solutions within Europe, of course. So they also offer a range of reassurances about the GDPR status of their solutions.
GDPR Compliance Examples
See the examples below for how various companies in this software segment are communicating their GDPR efforts and compliance.
Note: The various ‘callouts’ or notes on the screenshots below (red box borders, arrows, added text, etc.), are of my making. The original screenshots contain property of the respective vendor website owners. I’ve included them here for educational value.
A Canadian company based in Ontario, Clickback has a simple statement about its GDPR compliance for Clickback WEB at the bottom of their FAQ page.
See below and also at https://www.clickback.com/about/faq/.
Based in Helsinki, Finland, Leadfeeder also does a great job with their GDPR statement.
They devote a separate page to it within the Resources section of their main site navigation.
See sample below, and full info at https://www.leadfeeder.com/leadfeeder-and-gdpr/
Based in the UK, Lead Forensics is one of the world’s leaders in the area of website visitor identification solutions.
They cover their GDPR compliance in a blog post from early 2018, well in advance of the actual GDPR deadline in May of that year.
See blog post at https://www.leadforensics.com/we-are-gdpr-compliant/
Another Canadian firm based in Ontario, Visitor Queue has a ‘GDPR Ready’ button on their home page that looks like a site navigation element (but it’s not).
VisitorTrack software comes from netFactor, one of the leading US-based vendors of B2B website lead identification tools.
NetFactor (part of Bombora) includes a page dedicated to GDPR, with a direct link in the footer of their homepage.
See partial snapshot below, and the full version at https://www.netfactor.com/legal/gdpr/.
Another website visitor tracking specialist from the UK, WhoIsVisiting covers the GDPR compliance issue in their Help Center.
It’s findable, but you have to look for it. See below and also at http://support.whoisvisiting.com/articles/1694276-gdpr-whoisvisiting-compliance
There are over 40 vendors globally providing tools to help identify anonymous website visitors. Those included above are just a small sampling to show how vendors in this space are addressing the GDPR compliance challenge.
Marketing automation vendor Act-On, for example, provides their GDPR information within their Resource Library, but does not publicize it on their home page.
Account-Based Marketing specialist Demandbase offers a brief discussion of GDPR’s impact here.
GDPR Compliance as a B2B Software Marketing Advantage
The topic of GDPR compliance seems like a great marketing opportunity, given the heightened sensitivities about personal information privacy in general, and GDPR more specifically.
Due to the very nature of website visitor tracking and identification, it’s natural for their customers and prospects to wonder about the impact of using these tools in the age of GDPR.
Opportunity for Improvement
As shown above, some vendors are doing a great job at proactively and clearly communicating their GDPR status.
Others… not so much.
I won’t call them out by name here, but some vendors in this software segment should step up their GDPR game quite a bit and do a better job of communicating where they stand today.
For example, vendors who simply cover GDPR in legal terms as part of their company-wide privacy policies are missing a great marketing opportunity.
Fortunately, GDPR is not a major concern for users of website visitor tracking tools since these solutions primarily focus on company-level identification.
The follow-on marketing to the companies identified can be a bit trickier, since GDPR rules demand that EU-targeted marketing campaigns be based on opt-in email addresses.
Software vendors in this space need to educate and reassure their customers and prospects about GDPR. Most (but not all) do this via GDPR-specific content on their websites.
Product FAQs, dedicated pages and blog posts, support documents, company privacy policies, and even website home page GDPR notifications are some of the primary methods used.
This is definitely an evolving area, so it’s best to research and even reach out directly to any vendor you may be interested in regarding their GDPR status and how you can ensure your own GDPR compliance when using these tools.
Otherwise, drop a comment below and I’ll do my best to answer it for you. I’m also happy to contact specific vendors if I can help get answers faster that way.
Read this post to learn more about B2B website visitor identification and many of the top vendors providing these tools.
This post includes more discussion about features in Google Analytics that can perform basic visitor identification functions.
Finally, learn more about how to conduct a successful free software trial for website visitor tracking tools.
Please leave your feedback, questions, and any suggestions for improvements in the comments area below.
And feel free to share… Thanks! 🙂
B2B Sales and Marketing Teams: Have you used or evaluated these B2B website lead identification software tools already? What do you like or dislike about them?
B2B Software Vendors: What’s your experience in supporting customers having GDPR questions or concerns? Any key takeaways or tips to help future clients?
Anything important missing from my discussion above?