GDPR is changing the way companies conduct email marketing.
Time is running out for companies to be GDPR compliant. Companies that are not already changing their marketing practices to keep up with the new law need to get started before it is too late.
With the General Data Protection Regulation, or GDPR, going into effect on May 25th, 2018, it is important that marketers ensure their email marketing programs are compliant. With this new data protection regulation, the number one question many marketers are asking is how they will collect and store data consent from their customers.
5 Things You Must Know About Email Consent Under GDPR
Consent Requires a Positive Opt-In
Under the new data protection regulation, for consent to be valid, customers must actively confirm their consent. Under this regulation, companies can no longer offer pre-checked boxes that use customer inaction to assume their consent.
Consent Requests Must Be Kept Separate from Other Terms & Conditions
Under the new GDPR compliance law, companies are not allowed to bundle their consent requests with their terms & conditions, privacy notices or any of their services. Under GDPR, email consent must be freely given and companies can no longer “trick” customers into signing up for their email newsletters.
Withdrawing Consent Must Be Easy
In Canada and the U.S., it is already mandatory for companies to offer opt-out options for customers. This is the same with the new European law and companies must offer easy to understand ways for customers to unsubscribe from email newsletters. Companies should offer ways to opt-out of email marketing without charging a fee, requiring any other information other than an email, requiring subscribers to log in, or asking subscribers to visit more than one page to submit their request.
Keep Evidence of Consent
With GDPR, companies not only have new rules for how they can collect consent but they also must keep records of this consent. Companies must keep evidence of consent that allows them to answer who consented, when they consented, what they were told at the time of consent, how they consented and whether they have withdrawn consent.
Check Consent Practices
GDPR does not only apply to signups after May 25th. This new regulation applies to all existing EU subscribers on a company’s email list. Companies that are not already GDPR compliant must audit their existing email lists and implement re-permission programs to ensure they are following the new law and avoiding GDPR fines.
GDPR Compliance Checklist for Email Marketing
How Will GDPR Affect Email Marketing?
The new GDPR is looking to give back power to the data subject. This new regulation gives people the final word on who their data is held by, for how long and for what reasons. This new law looks to bring peace of mind and greater confidence to people and businesses that work with companies. GDPR is helping to reassure customers that their information is not being misused. GDPR is leaving marketers with only the most relevant and compliant data that is pertinent to their needs. This will ensure the subscription lists marketers have are of the highest quality. Some new tasks marketers will have with this regulation is unbundling consent and other policies, creating clear and easy to understand opt-in and opt-out solutions and keeping records to provide evidence of customer given consent.
With the new GDPR law going into effect soon, marketers who are not already compliant need to get to work now to ensure they are following the law before it is too late. GDPR is not looking to make life harder for marketers but to put more power back in the hands of the people who own the data companies want so desperately. It is important to know the terms and conditions of this new law to be compliant and avoid legal issues.