Affiliate Marketing and Legal Considerations
Affiliate marketing is an increasingly popular marketing method that raises particular legalities you should be aware of.
If you're a business owner running an affiliate marketing company or a blogger who participates in affiliate marketing, read on to find out about some legal requirements you need to be familiar with.
- 1. What is Affiliate Marketing?
- 3. What sort of legislation needs to be considered?
- 3.1. CalOPPA
- 3.2. GDPR
- 3.3. PIPEDA
- 4. Collecting Personal Information as an Affiliate Marketer
- 4.1. Name and contact details
- 4.2. Customer profile information
- 4.3. Customer history
- 4.4. Communication records
- 5. Include a Disclaimer
What is Affiliate Marketing?
Affiliate marketers earn money by signing up with a company or network of businesses and selling their products and services.
It's considered quite lucrative, especially in the age of Instagram-fame where someone can earn over a thousand dollars per photo just by including a specific product.
Affiliate marketing is based on revenue sharing. It's marketed to consumers through whatever channels work best for the merchant company (also often referred to as the seller, the brand, the vendor or the retailer).
An affiliate marketer will be paid a commission by the affiliate program whenever they succeed in selling something to a customer. Affiliate marketing is quite a complex method of marketing because it involves a lot of potential for lack of transparency, inauthenticity and even dishonesty.
Here is a helpful infographic from the Federal Trade Commission that details the way affiliate marketing works.
Unfortunately, there are a number of unscrupulous businesses out there that use affiliate links to exaggerate the benefits of a product or service in order to encourage clicks and sales.
What sort of legislation needs to be considered?
Here's an overview of some of the legislation you should be aware of.
The California Online Privacy Protection Act (CalOPPA) is a legislation that was created and brought into effect by the California Attorney General's Office in 2004.
It was designed with the aim to provide more privacy to consumers in the disclosure of their personal data, and higher standards of protection from the companies that collect that data.
Even though CalOPPA is a US state-sanctioned law, it applies to any business - regardless of where they're located throughout the world - that deals with and collects personal information from residents of California.
As such, if there's even a slight chance of your company interacting with a resident of California, you're required by law to comply with CalOPPA.
The policy itself must divulge the kind of personal information you collect from your customers such as email addresses, names, phone numbers, physical addresses, payment information and even things like computer IP addresses.
It should also state the purpose behind the collection of this information, the way in which it's collected and any third-party services that the information might be shared with.
By following these requirements, you should be able to adhere easily to the CalOPPA legislation and avoid any issues that may arise from noncompliance.
The General Data Protection Regulation (GDPR) was designed by the European Union to replace the Data Protection Act of 1998 and the 1995 EU Data Protection Directive.
The purpose of the GDPR is to give EU citizens a better, more secure level of control when it comes to their personal data. It also acts to unify standards across the EU regarding data protection, making it an even playing field for all businesses and consumers.
The GDPR applies to any company that deals with EU citizens and their data. So, even if your business is based elsewhere in the world and/or have very little presence within the EU, it's highly likely that you'll still be required to comply.
The Personal Information Protection and Electronic Documents Act (PIPEDA) is the Canadian federal law that was brought in to cover the private sector (organizations that are owned privately rather than by part of the government).
PIPEDA applies to the personal information that is collected through the activities conducted by for-profit, commercial businesses, like selling, buying or leasing. Its purpose is to govern the way such organizations collect, use and disclose this personal information.
It requires that all personal information is collected through fair and lawful methods. Privacy Policies must be available and must include informative information that's also clear, concise and easily accessible.
Collecting Personal Information as an Affiliate Marketer
As an affiliate marketing company, the way you collect and handle customer information can have a big impact on the success of your company.
In order to do this correctly, you need to consider what kind of data you'll be needing to collect from customers.
Usually, most businesses (whether they're an affiliate marketing organization or not) will aim to collect the following data from their customers:
Name and contact details
Collecting this data allows a business to contact them directly regarding everything from marketing communications to purchases and feedback surveys.
Customer profile information
Having a clear customer profile is very important when it comes to affiliate marketing. It allows you to ensure you're targeting the right sort of customer by having a good idea of who they are, what they want, and whether you can help them.
A concise customer profile will include things like age, birthday, gender, job status, income, hobbies, likes/dislikes and much more.
Collecting the transaction history from every customer is essential in revealing the potential value of a customer, how likely you are to get repeat business from them, what products are most popular and when these products are being bought. This gives you a very valuable insight into how your products/services are being received, as well as the spending habits of the people who frequent your site.
Having a record of customer spending habits is essential as well, as it allows you to determine which customers pay in full, on time and which ones are more likely to take their time making payment, changing their order or even cancelling completely.
Keeping records of any communication had with both potential and current customers is a great way to monitor the effectiveness of such communication, especially when it comes to the frequency you're sending such communication, and customer response to it.
This data can be collected directly from the customer. However, there are also instances in which data is collected indirectly, which means there is another layer of privacy that must be considered.
There are two main reasons behind this mandate. The first and most important is to ensure a fair business playing field for all marketers. The second is to provide complete transparency to customers so they know when they're being sold to.
Include a Disclaimer
The disclaimer should let readers know if you've been paid for mentioning any product and/or service, and it should use clear, understandable language. It's also considered best practice to avoid technical jargon like "affiliate links" and stick to the more obvious terms like "compensation".
A simple wording for such a disclaimer would be one similar to the disclaimer found on Amy Lynn Andrews' blog:
A more extensive version of an Affiliate Disclaimer can be found at Smart Passive Income:
Learn And Master includes a very detailed Affiliate Disclosure Requirements and Examples page that includes acceptable and unacceptable examples of disclosure as well as a link to their Affiliate Manager, should anyone have any questions:
Don't think you're doing yourself a disservice by admitting to affiliate links. Being upfront about affiliations with any other parties is paramount in building trust and confidence between your customers and your company.
Disclose your links with confidence, keep nothing hidden and you will be able to find success in monetizing any avenue of affiliate marketing.