How can you find out if the General Data Protection Regulation applies to your site? Simple: if you have users from the EU countries, the answer is yes. If you don’t… The answer is still yes! Even if you don’t have any European users today, that may change tomorrow. Just one will be enough to make you subject to the new laws. And because GDPR came into effect in May 2018, your website should already be compliant. Hurry up and do something if it still isn’t!
What is the purpose of GDPR? Its primary goal is to help users who are concerned about the safety of their online data. Is it also good for the sites it affected? Depending on how you handle it, that may or may not be the case. So here is our question of the day: how has GDPR influenced SEO? Let’s find out.
Can GDPR cause any problems for a website’s SEO?
I can say one thing about GDPR with utmost certainty: it’s SEO-friendly. Complying with GDPR may cause you to overwork yourself, but it’s entirely possible to finish preparations and not lose any traffic or rankings afterwards. It all comes down to how much you change your site to make it compliant: the less, the better.
If your site’s rankings and traffic took a dip post-GDPR, you’ve probably gone too far and made a mistake or two. The SEO aspect of GDPR has more “don’ts” than “dos”.
1. DON’T: let popups obstruct your content
It kind of defeats the point of GDPR when users aren’t free to browse the Internet while keeping themselves safe. Give your visitors an option to say “no” and still be able to view your site’s content.
2. DON’T: redirect users to a page with new policies
Popups aren’t the only way to inform users about GDPR. Some websites have taken a different approach, but you should not follow their example. Here’s why.
Imagine yourself sitting at home and getting the munchies. You open Google and search for “pizza delivery in my city”. You click on the result that catches your eye, and…
Instead of pizza, you are looking at a page listing the site’s new policies caused by GDPR.
You feel cheated and never visit this site again. You buy pizza elsewhere, and it helps you forget this unhappy episode.
What went wrong? The website’s owner set up a redirect leading away from the content the user wanted. This is never a good idea, not even when you need to let people know about important changes. Unfortunately, there are websites that have made this mistake. Some were even quick to fix it, but not before their traffic took a dip.
On top of that, search engine bots are affected by redirects, too. An important page that can’t be crawled is a crippling blow to a site’s SEO – and to your business, if money is involved.
3. DON’T: make links to your page with new policies nofollow
While setting up redirects to GDPR pages is a bad idea, having such pages on your site is perfectly fine. In fact, it’s a requirement for businesses that operate with user data. Users need to know they can trust you with their information.
2. If you nofollow the page with the confirmation of your GDPR compliance, Google won’t see it. Are you sure you want to hide such important information from Google?
3. Lastly, you might actually want this page to rank high in search results. If someone Googles “(your company name) GDPR”, they will see for themselves you are following the new policies and feel safe with you. For the same reason, don’t noindex the page in your robots.txt file.
4. DON’T: install external elements that aren’t GDPR-compliant on your site
Your site might be using elements from external resources – for example, themes and plugins. They are commonly found in blogs and other platform-generated websites. Such elements are always a risk due to their tendency of being exploited by hackers, and they’ve become slightly more dangerous after GDPR.
Here’s the thing: if you have an element that isn’t GDPR compliant, then neither is your website. Avoid using non-compliant elements at all costs!
Granted, their creators don’t want to be fined and will most likely release newer and safer versions in the nearest future. Keep an eye on these updates and install them as soon as possible. If an external resource remains unsafe, you should delete it from your site altogether and never look back.
Is GDPR compliance a ranking factor?
Most webmasters will comply with GDPR to avoid trouble with the law. That’s the only reward we can expect from the powers that be. What about Google? Will they make GDPR a part of their ranking algorithm?
That is currently unclear. Right now, nobody can tell if GDPR-compliant sites will get a ranking boost and non-compliant ones will be deranked. The fact that not all websites need to obey the regulation doesn’t make this question any easier to answer. All our hopes rest on someone from Google (maybe John Muller) addressing this matter soon.