The impact of the GDPR on SEO

What will be the impact of the GDPR on SEO?

The GDPR is on everyone’s lips right now. Indeed the new legislation comes into force on May 25, 2018. But what is the GDPR, why does it come into force and will it have an impact on the SEO?

What is GDPR?

The GDPR is the General Regulation on the Protection of Data (or GDPR for General data protection regulation), a text of the law (Law No. 2016/679) adopted in 2016 by the European Union. This text will enter into force on 25 May 2018 and will serve as a European reference for the protection of citizen’s personal data. The text of the law brings new and much more binding obligations on the treatment and the circulation of these data on which the companies rely on to offer their services and products.


The entry into force of the GDPR reinforces the main principles issued by the Data Protection Act, in force since 1978, to increase the rights of citizens and give them more control over their data according to the CNIL. But the text of the law also aims to replace a directive of 1995 and thus become the new reference text on personal data in the European Union. The explosion of digital technology and the new uses that this entails made it indispensable to adjust a directive that was more than twenty years old.

The GDPR is part of a desire to harmonize the European legal panorama with regard to the protection of personal data, thus, one and the same law applies to all Member States.

When does the GDPR come into effect?

The entry into force of the GDPR took place in two stages. The text was first adopted by parliament on April 14, 2016, and promulgated on April 27 in the official journal. However, it has been decided to postpone its application for two years, it will take place in a little over a month, on May 25th, 2018. These two years have allowed both national legislation and businesses collecting and processing personal data to prepare for the entry into force of the law. After May 25, sanctions will be imposed on any processing of personal data in violation of the GDPR. Companies that commit breaches of the rules enacted by the GDPR incur up to 20 million euros or 4% of the annual turnover of fine.

What’s changing on websites?

It will be necessary to provide the users with a clear and precise information which data will be collected and for what purpose in order to obtain or not its consent. In addition to giving the user the right to act on his data, the company must keep a record of consent in order to defend itself in case of complaint and the control of the CNIL that would result.

What impact will the GDPR have on natural referencing?

In fact, not much since the ranking criteria of a website does not depend on how the data are collected or a number of subscribers to a newsletter.

And no search engine has yet indicated that the compliance of a site with the GDPR would become a ranking criterion. That said, this is not a reason for not complying on the one hand, and maybe in the future, this criterion will be taken into account on the other hand. You never know with the search engines.

The impact of the GDPR on SEO will be more subtle especially on the side of the UX and analytic data collections.

Another reason to put SEO and UX in relation?

Yes, again a reason to put SEO and UX in relation. As we know the use and ease of access to information of a site participates in its good ranking in the search engines. And the consent request that will have to be offered to users from May 25th will probably be presented on most sites in the manner of a request for acceptance of cookies. It will then be necessary to bring the consent request in the most user-friendly, and the least heavy in bytes so as not to impact the site loading speed.

An ill-thought-out, invasive pop-up window that puts the user experience at risk could scare your visitors away. And the flight of visitors inevitably leads to a loss of positions in the rankings of search engines. And it’s the same idea for a device that would require a lot of resources, which slow down the loading of your pages and which would, therefore, risk seeing your visitors leave as quickly as they arrived.

Analysis tools and data collection

In a newsletter addressed to its users, Google announces that the necessary measures are taken for the deployment of the GDPR. The newsletter informs us that precise data retention parameters will be put in place and will make it possible ‘to determine the storage duration of the data relating to the users […] As of May 25, 2018, these data will be kept according to the defined parameters. Google Analytics will automatically delete those that exceed the chosen retention period. Google encourages you to review these data retention settings and change them if necessary.

The newsletter also informs us that ‘Google Analytics and Analytics 360 will continue to offer different rules and features related to the collection, use, and retention of your data, to help you secure them. For example, you’ll have features for customizable cookie settings, privacy settings, data sharing settings, deletion of data when you disable an account, and IP anonymization. They may be useful when you assess the impact of the GDPR on the specific situation of your business and the integration of Analytics. ‘

In conclusion, it will be necessary to be vigilant on the way to collect the data of the visitors of your website.