Breaking News

GDPR Email Marketing Explained Simply learn Email Marketing

In Post You Will know about dealing with GDP our GDP our or the general data protection regulation is now in effect this governs any data activities on all European citizens so regardless of where your, 

GDPR Email Marketing Explained

Business is located if you collect store or utilize data from citizens of the EU then you are subject to these legal requirements the purpose of this legislation is to create consistent and, 

Enforceable requirements to protect the right of any EU citizen to the privacy and security of their personal data to make this clear gdpr applies to any business located in the u or outside of, 

The EU if you have any data on EU citizens or if you email anyone within the EU even if you are in a country outside of any European Union countries this still applies to you this applies, 

To anyone who collects data such as subscriber data records organizes or stores any of that data and performs any operations on that data this is the most extensive regulation on data privacy to, 

Date however it will certainly not be the last as more data is collected and maintained on people companies have to be responsible and accountable for that data this is the goal of that legislation now let's cover the, 

Implications of GDP are for marketing in general first of all any user has the right to request their data from any company that keeps or maintains records as an, 

Organization who maintains this data you'll need to have a clear process for users to request their data so a form or automated process to download in addition there should be a mechanism, 

To clearly confirm the identity of the individual requesting the records a company may not modify the information or delete the information unless deletion is specifically requested by the user companies have one month to, 

Fully comply with the right to request and the information must be delivered in a readable and portable format this enables individuals to take their data and move to another account or to simply review all of the information a company, 

Has in their records to protect the company and the user it is recommended that the entire right to request process is documented and noted from the request to the processing to the delivery as I, 

Mentioned before this regulation applies to anyone who collects keeps or processes data this has an extensive reach as something as simple as segmenting a mailing list can be, 

Considered processing of data for example if you segment your list based on the location of your subscribers then you have processed their personal data in addition if you use the data to determine a relevant offer based on, 

Their interests that is considered to be processing of personal data as well this applies to both a company that collects and uses email data and to their third-party provider such as an email service provider this is considered a, 

Shared responsibility as companies develop the data acquisition mechanisms and then use them for marketing and the email service provider stores and provides processing tools for those, 

Companies in the right to request users have the right to request their data but in addition users had the right to know about the purposes of the data processing or the activities that a, 

Company performs with their data for example what data was used to segment a target advertisement to them and how is there data being used for personalization of content this includes, 

The categories of personal data and the existence of automated decision-making including profiling this is very extensive and companies will have to be upfront with how they will use personal data in addition companies will also, 

Have to disclose relationships with third-party providers that will have access to the data or store the data this includes the use of a CRM customer relationship marketing database an, 

Analytics provider or an email service provider if a company is performing targeted advertising based on personal data then all advertiser relationships will have to be disclosed along with noting the data that is being, 

Shared as mentioned before users have the right to not only request the personal data a company has on them the data must be available in a portable commonly used machine readable format now this has typically been carried out, 

In PDF Excel or comma delimited formats the user has the right to take this portable information to another company another right that greatly affects marketers and companies is the right to be forgotten or the right to erasure any, 

User can request that any and all data be erased this can happen when the personal data is no longer needed for the original purpose also individuals can withdraw consent for any data, 

Processing this action has to be taken without delay according to the regulation the only exceptions to this are reasons of public interest public health and any scientific or historical research this does not apply to, 

Marketing and it is a stretch for any company to use this as a defense when performing marketing operations now let's look specifically and how gdpr relates to email marketing the first issue that affects email, 

Marketing is the opt-in process for subscribing to marketing communications the term used in the regulation is unambiguous consent this is also referred to as express consent this means that the user must make an, 

Unmistakeable action to opt-in this also means that there is a clear statement of the purpose or agreement of how the data will be used if you are using checkboxes they are not to be pre checked, 

Pre checked boxes are not considered to be expressed consent the goal is to provide the user with clear terms and a proof of consent by completing the form there should be an unambiguous exchange, 

Of user information in exchange for the opt-in marketers will need to review all of their existing forms and landing pages to make sure that there are no pre checked check boxes and that the terms of the opt-in are clearly shown in this example you can see that there are no, 

Check boxes and that is fine this while simple is an example of express consent there is a clear statement of what the company will do with the information subscribe to our newsletters and by completing the form the user will have, 

Clearly opted into the agreement now while a double opt-in function is not a requirement for verification of consent most email marketers are recommending this as a quality assurance measure for companies this may also be helpful as, 

Further legislation is created to protect consumers from unwanted marketing communications this is an example of the double opt-in after the opt-in the user receives an email to, 

Verify that the correct address is used and the user clicks the link to verify the address and verify the opt-in while it is not required it will certainly add another layer of consent verification for marketing activity, 

The second issue is the opt-in form and there must be separate opt-ins for each separate offer for example if your users must accept the Terms of Service the Terms of Service cannot include receiving marketing communications each, 

Agreement must be separate as a practical application of this if you offer a white paper or a research document to download with a registration then opting into a newsletter cannot be part of that registration it must be, 

Offered separately this practice is called bundling consent to receive marketing communications must be given separately it cannot be bundled together with a white paper download a webinar registration or even a contact form here is a great illustration of what not to do as you can see here I was unable to, 

Complete a transaction on this website as I first had to agree to the terms and conditions however the first point in the Terms & Conditions statement is an, 

Agreement to receive marketing offers and communications this is not compliant by any means as a user cannot purchase from this website without opting into marketing communications the third major, 

Point is not only having opt-in consent but for companies to have proof of that consent this is where using a third party email service provider enables a clear record of consent important data points to prove consent include the, 

Subscribers name the date of consent the subscription date what they agreed to how they consented whether by a website forum or checkbox on a checkout form if that subscriber has unsubscribed then a record of the withdrawn consent must, 

Also be provable as you can see from this screenshot of an email service provider the status of the subscriber the source of the octant the date of the opt-in are all part of, 

The reporting and subscriber record clear consent terms must be presented if you are sending the same newsletter to everyone without any processing or segmenting of lists then the only terms, 

Are to receive the newsletter if you are processing the list to determine personalized or regionalised offers or segmenting by any user data points then that processing must be disclosed for example if you operate a contest on your website and to enter a user provided, 

Their email address then that is the only way that you can use that data for the contest you cannot then add that user to marketing communications or a newsletter list the reason is is that if the original terms were only for a contest then those were the agreed-upon terms between you the company and that, 

User for their data to be used there must be a clear and easy unsubscribe process a user must be able to unsubscribe with minimal this means that a fee cannot be charged to remove a, 

Subscriber the unsubscribe process must be limited it cannot be a multi-page process or ask for any information beyond confirming the email address if there is an account the user does not,

Have to login to unsubscribe finally re-engagement emails well this is a popular technique used by marketers in other parts of the world it should not be used in the EU companies are not, 

Allowed to contact a user if they have unsubscribed from communications one company Flybe was fined seventy thousand pounds for deliberately emailing unsubscribed users this becomes a vitally important issue for companies that utilize re-engagement emails you will have to verify the recipients, 

Location prior to sending those emails so what are the actions that email marketers have to take in the light of these ray Galatians the first step is to audit, 

Your current list you'll need to ensure that your existing list of subscribers was gathered in compliance with gdpr requirements you don't always need to get reconsent if you can already show,

Consent your current list must show a clear and affirmative opt-in action and this must be provable either with an existing form or a screenshot of the past form this consent must also be recorded along with the terms of the, 

Agreement so what does that mean here are three essential questions to ask about your current email lists 1 did they opt-in to your list and can you prove it the implication here is that if, 

You have email lists where users have not explicitly opted in but you gather those emails from other sources list brokers websites purchase lists or other means then there is no explicit consent to on your past subscriber forms did you, 

Clearly state what the subscriber is agreeing to what they will receive and how you will use their data 3 can subscribers unsubscribe as easily as they subscribe this means that you, 

Cannot have an unsubscription mechanism such as requiring a user to reply with unsubscribe in the email subject line or call a phone number or any other means besides a quick one-page unsubscribe form if you can show a proof of consent, 

Along with the date and time of the opt-in the source of the opt-in such as a webform a campaign landing page form or an API form from another website such as Facebook and have a screenshot of the landing page or signup form if all three of these requirements are met then you do not need to require consent however, 

If you do not have explicit consent provable consent or evidence of agreement and collection mechanism then you may need to reacquire prove full consent as part of this audit marketers must review all of their, 

Campaign landing pages subscription forms registration forms and contact forms review each of these to make sure that there is an explicit opt-in mechanism make sure that each opt-in is separate along with clear terms of what will be collected how the data will be used and what the user will receive an,

Exchange be sure that none of these sources have bundled opt-in agreements but that each separate agreement is clear as such each landing page or data collection page should also have a link to your company privacy policy and data policy for the user to review finally review your newsletter and all email, 

Communications to ensure that the company address privacy policy an unsubscribe link are included in each and every email then review the unsubscribe process it should be a one page single click process the unsubscribe should happen immediately, 

This is the advantage of working with an email service provider as these requests are handled through their system processed immediately and the user, 

Record is updated do not ask for additional information request payment or have a multi-page process the unsubscribe process should not be hidden or obstructed in any way finally this regulation is a great opportunity for, 

Companies to review and update their privacy policies first a privacy policy should be clearly written for people to understand it should outline the data that you collect directly such as email addresses users names and if you collect, 

Page visit data in addition a cookie policy should be outlined if not already addressed in a separate document the privacy policy and the cookie policy must outline the types of information collected how it is used if it is shared, 

And with it is shared it must also state where the users data is stored and processed user rights must also be addressed with links or instructions to request their data request to be forgotten and data portability.

No comments