Retargeting and remarketing – how to implement them legally?

Retargeting is like a magic magnet for customers that works even when they are already outside your store Wondering how? Take the example of Monica, who runs a clothing store. One evening, while reviewing data from a retargeting campaign, she noticed that people who received personalized ads after leaving her site were three times more likely to return and make a purchase.What retargeting techniques did Monica use to achieve such a result, and how to implement remarketing and retargeting legally?

Retargeting for e-commerce – what is it?

Retargeting for e-commerce is a marketing strategy that involves retargeting users who have visited a website or online store, but did not make a purchase or take another desired action. The goal of retargeting is to remind these users about the products or services they viewed, or to encourage them to return to the site and complete the transaction.

How does remarketing work?

• User tracking – when a user visits an online store, a special cookie is placed on his/her device. This cookie allows you to track the pages and products you view. Remember to act in accordance with the law when tracking users.
• Creating a remarketing list – the information collected by cookies is used to create a list of users who have left the site without making a purchase. This list allows you to starget these users at a later time.
• Remarketing campaigns – using the information gained, the store can run advertising campaigns aimed directly at people on the remarketing list. These ads can be displayed on various platforms, such as Google Ads, Facebook, Instagram, as well as on partner sites within the advertising network.
• Personalization – remarketing allows for highly personalized communications. Stores can show users ads containing the exact products they browsed or similar products. You can also customize advertising messages depending on the stage at which the user left the site (e.g., abandoned the shopping cart, viewed a specific product category, etc.).

Why implement remarketing?

Why is it worth investing in remarketing and what makes it more effective than other forms of online promotion?

• Maximizing conversions – remarketing is nothing more than a second chance to get customers. Reminding users about products that have already interested them in the past significantly increases the likelihood that they will make a purchase this time. By focusing on people who are already somewhat engaged, this strategy can yield up to 50% higher conversion rates compared to standard ad campaigns.
• Optimize marketing spending – remarketing allows you to use your advertising budget more efficiently. Targeting advertising efforts directly to people who have already shown interest in a product significantly increases ROI. Costs per conversion are typically lower because you are advertising to people who don’t need additional convincing of the brand’s value – just a small reminder.
• Building lasting brand awareness – the ease of access to a myriad of alternative offers means that consumers often forget about previously visited sites. Remarketing allows you to keep your brand in the field of view of potential customers, building and perpetuating brand awareness. The cyclical appearance of reminder ads ensures that even if a purchase doesn’t happen now, customers will remember the brand whenever the need or opportunity arises.
• Personalized approach to the customer – remarketing enables extremely precise targeting of ads, resulting in more personalized communications. For example, you can create different messages for users who have abandoned a shopping cart, visited only one product category, or spent a certain amount of time on the site. Such personalization increases the effectiveness of ads, as they respond to the specific needs and interests of potential customers.
• Increase customer loyalty – a thoughtful remarketing strategy that does not bombard customers with incessant ads, but offers valuable reminders and compelling offers, can increase customer loyalty. By giving them the feeling that they are remembered and valued, you build positive relationships that translate into long-term brand benefits.
• Flexibility and testability – remarketing campaigns are easy to customize and modify in real time, allowing you to quickly test different messages and offers. Monitoring responses to specific ads gives valuable insights into which campaign elements work best and which need to be optimized.

Remarketing vs. retargeting – what are the differences?

Although in practice even specialists use the terms remarekting and retargeting interchangeably, they do not mean the same thing. The difference between retargeting and remarketing is significant from a strategic point of view. To reach potential customers, remarketing uses email, while retargeting uses cookies to display ads. To be successful, remarketing must first gather information about users to develop lists that we can use to make sales via email. Remarketing, on the other hand, requires cookie permission.

Although remarketing and remarketing are beneficial on their own, their combination can greatly improve digital marketing results and ultimately increase sales.

Retargeting versus cookies

Cookies are small data files that websites store on a user’s device to track their online activities. They allow sites to identify users who have previously visited the site and display tailored ads to them on various platforms. How does retargeting work in the context of cookies?

• Installation of cookies – when a user accesses a website, a cookie is installed on their device. It may contain information about the products viewed, the time spent on the site or the stage at which the user abandoned the purchase.
• Tracking and data collection – the cookie allows tracking user activity on the site and collecting data that is then used for retargeting purposes. This data is anonymous, meaning that it does not contain directly identifiable personal information, but can be used for device or browser session recognition.
• Start retargeting campaigns – using the collected data, companies can then run retargeting campaigns, displaying personalized ads to users who have left their site, on other websites or social media.

How to obtain cookie consent in retargeting?

According to regulations such as RODO (General Data Protection Regulation) in the European Union, cookies cannot be used to monitor the online behavior of audiences without their consent. The elements of this zgida are as follows:

• Clear and transparent information – the user must be clearly informed about what cookies will be installed, what data will be collected, how they will be used, and who has access to them.
• Active action to confirm consent – consent for cookies cannot be checked by default. The user must actively check the appropriate box or click the button to consent to the use of cookies.
• Possibility to choose – the user should be able to choose which cookies he accepts and which he does not, especially if it concerns cookies necessary for the functioning of the site. He must also be able to reject cookies. Only after the user consents can you track his activity with cookies.
• Easy access to information and opt-out – the user should have easy access to their consent and the ability to withdraw it at any time. It is good practice to place information about cookies in a prominent place on the site and offer a simple and intuitive option to manage consent.

Legal requirements for remarketing – cookie policy

The cookie policy is a key document on any website that informs users about how their data is collected and used through cookies and similar technologies. The essence of this policy is not only to meet legal requirements, but also to ensure transparency and build trust among users. What information should a well-drafted cookie policy contain?

Purpose and scope of the cookie policy
The policy should start by explaining what cookies are and their use on the site. It is important that users understand that cookies are small text files that are stored on their devices and can be used to remember settings, analyze behavior or for advertising purposes. It should be made clear that the policy covers all tracking technologies, such as cookies, web beacons or local storage.

Types of cookies used
Distinguish between essential cookies, which are required for the technical operation of the site, and functional cookies, which improve the user experience, analytical cookies, which are used to collect data about site traffic, and advertising cookies, which allow ads to be tailored to the user. For each of these types, it is useful to provide examples and explain their functions.

Data Administrator
The policy should contain information about the data controller, i.e. the entity that decides the purposes and methods of processing personal data. It is necessary to provide the company name, address and other contact information. If data is transferred to third parties or processed outside the EEA, this should be clearly indicated.

What data is collected?
It is important for users to know exactly what data is collected by each type of cookie. This may include information such as IP, location, device type, browsing history or shopping preferences.

We should be aware of this.

Third-party cookies
If the site uses third-party cookies, such as analytics tools (e.g. Google Analytics) or advertising (e.g. AdSense), users should know who has access to their data and for what purpose. You should state exactly which companies use this information and for what purposes.

How users can manage their cookies
The key element is to explain how users can manage their cookie settings, including how they can consent to the use of cookies, how they can withdraw consent, and how they can delete cookies already installed. It is important to inform about the consequences of disabling cookies, which may affect the functionality of the site.

Policy updates cookies
Policy should also includev information on how often it is updated and how users will be informed of these changes.

How to protect users’ personal data in remarekting?

You want to build trust among users and operate in compliance with RODO regulations? You need to ensure the security of user data in the process of creating remarketing ads. How to do this in practice and what elements to include in this protection?”

Data encryption

• Encryption during transmission – all data transmitted between the user’s device and the server should be encrypted using HTTPS. This ensures that data transmitted over the Internet is protected from interception by unauthorized persons.
• Server encryption – data stored on servers should also be encrypted to protect it from being accessed by third parties in the event of a breach of server security.

Access management

• Limited access to data – access to personal data should be limited only to those who need to process it for remarketing purposes. Any person who has access to the data should be properly trained in data protection.
• Authentication and authorization – systems should require strong passwords and use multi-component authentication to minimize the risk of unauthorized access.

Monitoring and logging

• Recording activities – all personal data processing activities should be recorded in system logs. This allows you to monitor who accessed the data, when it was accessed, and what operations were performed.
• Regular security audits – regular audits can help detect potential security vulnerabilities and ensure that all security measures are up to date and effectively implemented.

Data anonymization and pseudonymization

• Reduce traceability – where possible, use anonymization or pseudonymization of personal data, which means processing data in a way that makes it impossible to directly attribute it to a specific person without using additional information.
• Data minimization – process only the data that is necessary to achieve remarketing goals, which reduces the risk of abuse.

Physical and technical security

• Secure servers and data centers – make sure data is stored in secure locations with adequate physical security (e.g., access control, monitoring).
• Network security – use firewalls, intrusion detection and prevention systems, and other network security technologies to protect data from external and internal attacks.

Incident Response Plan

• Preparedness for breaches – you must have a security incident response plan in place that outlines strategies to use in the event of a data breach. The plan should include procedures for notification, crisis management and incident cause tracking.
• Employee Training and Awareness – regular training for employees on data security and privacy best practices to increase awareness and understanding of the importance of securing personal data.

Summary

Retargeting and remarketing are effective marketing strategies that allow companies to re-target people who have already shown interest in their products or services. Their effectiveness, however, must go hand in hand with compliance with applicable laws, including, most importantly, the principle of personal data protection. In Poland, these activities are regulated by the RODO, which requires companies to clearly inform users about the purposes and methods of data processing and obtain their consent to such activities. It is also worth noting that zboth retargeting and remarketing must be implemented with respect for user privacy and ethical marketing standards Entrepreneurs should regularly review and update their procedures in accordance with the latest legal requirements so that their marketing activities are not only effective, but also ethical and legal.