The new EU General Data Protection Regulation (GDPR) comes into effect on May 25, 2018.
It is a collection of rules that protect the personal details of all European Union citizens from unauthorised access.
All this goes to show the importance attached to people’s data privacy.
This new GDPR privacy law is making all email marketers rethink their strategy.
We need to consider whether email marketing is still worth it. Consider all the risks involved now regardless of whether you are a citizen of the European Union or not.
Fines for breaches range from a maximum of £500,000 to about £17.5m or 4% of global turnover, whichever is higher. Yikes!
Mind you, don’t think that if your organisation is not in the EU, the GDPR does not concern you. It affects everyone!
Moreover, to show how important this is, Facebook has said that its policy will apply to everyone, regardless of whether you live in the EU or not.
So it is only a matter of time before many governments and organisations worldwide adopt similar policies.
Thus, you had better start preparing if you have not done so already. The deadline is around the corner.
This necessity is why you have probably noticed our cookie notice in that black bar with the blue button on this website.
What else can email marketers in particular and organisations generally do to ensure that they are implementing best practices in this regard?
Things You Need to Cover
Here are a few of the items you need to cover.
- Don’t use pre-ticked opt-in checkboxes on forms on your website. Your website visitors must directly confirm their consent by ticking the box themselves.
- When asking your website visitors to subscribe to your newsletter to receive marketing messages from you, don’t force them. They must give you their explicit consent that they are interested in receiving your marketing messages. If you are offering them something like a PDF download, they should be free to download it without signing up for your newsletter.
- Each email newsletter or marketing and promotional email you send out must include, clearly and in simple terms, an option for the person to unsubscribe. You must not charge anyone for unsubscribing. You must not require any further information from them before unsubscribing. Nor must you require them to log in or visit any other page on your website to unsubscribe.
- Henceforth, your organisation needs to be very serious about record keeping. You need to keep records of who is giving consent, when and where they provided consent, what message you sent them when they gave you consent, and so on.
- You need to audit your existing mailing list to see whether you complied with the above requirements when you captured the data. If in doubt, the best thing is to scrap your mailing list and start all over.
If you have a mailing list that you have not mailed in a long time, one where the majority of your subscribers do not read or engage with your mail, or one where you get a high bounce rate, the best thing is to start over.
Note that GDPR only applies to existing EU subscribers on your mailing list. It does not affect signups that occur after May 25, 2018.
Over to You
What are your thoughts on this whole GDPR issue? Share your thoughts in the comments below.
All this legal jargon has made me hungry! Do you want some cookies?
I am not an expert in GDPR. This article is not intended to be an expert guide on GDPR or anything of the sort. I am writing this based on my little understanding. Do your research and seek legal counsel if you need to know more about GDPR for your specific circumstance.