The new GDPR policy is everywhere.
It’s a towering, shadowy acronym that has everyone in the marketing business quaking in their loafers.
You are likely fully aware of this relatively new regulation thanks to the “Re-Subscribe” emails that filled all of our inboxes for so long. It’s a regulation that affects all marketers who target European clients, and it’s important to know where you stand.
Here’s why you don’t need to be afraid of the GDPR policy:
Knowing how it works will keep you safe from any wrongdoing.
You’re going to be okay. I’ll show you how to make sure that you are GDPR compliant.
Knowing Which Regions Are Affected
This is important: the GDPR policy only affects you if you are targeting companies and individuals within the EU.
Your business may have opted to apply GDPR principles across the board, but this is not a requirement legally. Using the same processes for shared systems is a good idea, but email campaigns are different in this regard.
Applying the principles to all of your targets globally adds a ton of work to your plate and makes it difficult to maintain productivity. I recommend following GDPR principles only for businesses within the EU and in countries with similar anti-spam laws such as Canada.
The Definition of Consent
The old EU regulations required an opt-in, allowing businesses to send emails to clients.
The difference introduced by the GDPR policy is the level of transparency required. Your wording must be specific as possible to ensure that you fully and clearly communicate what types of data you collect and how you use it.
There are additional crucial details such as ensuring that check-boxes for opt-ins aren’t pre-checked. Compare your current opt-in campaign to the GDPR requirements, and you may find that you are already compliant.
There are still legitimate reasons why you’re receiving all those opt-in emails in response to GDPR:
- Fear & Confusion:
GDPR strikes fear into the hearts of many marketers, preventing them from fully understanding the requirements. These companies often assume that they need new opt-ins, when this is not necessarily true.
- Safety First:
Many business want to make sure that they are 100% compliant and that minimal issues occur down the line. Older opt-in records are sometimes not considered robust enough under the new regulations and companies are responding by re-checking their compliance.
- Bad Records:
A lot of the time, business have pretty bad records of their email subscriptions. Companies are also using GDPR as an opportunity to improve the quality of their databases.
Let Them Go
People unsubscribe, opt-out, and remove themselves from email lists all the time. It’s a normal part of the process and you need to respect that. Offering links for unsubscribing is key, as well as a simple and transparent process that works.
There’s no point in trapping people in to receiving your emails, and with the regulations around GDPR, it could get you into trouble.
What Did GDPR Change?
There are specifics to GDPR changes that are very important to take into consideration. The two main ones cover the primary concern of GDPR: Data protection, and erasure.
- The Right of Erasure:
Erasure Requests occur when a person on your list requests you to delete all of their data. The most common example of this is the use of an “unsubscribe” link. You need to delete the data of any client who requests it. You’ll also need to remove them from all future email lists. Ensure that you create specific and clear wording to explain that the client’s email address must be retained and added to a “suppression list” to ensure they don’t hear from you again. Managing their understanding of the process is key.
- Right of Access and Portability of Data:
Your EU users have every right to request to see all the data your business has related to them. Your business model will affect how much data you have collected. Many companies only retain names and email addresses. Should you have more data than this, you’ll need to make sure you can find it and provide it to the user when they ask for it.
The Bottom Line
GDPR is easy to comply with when you understand what is required. The first step is to check out your business model to see how much you need to change to remain compliant.
For many, the biggest challenge GDPR introduces is the creation of clearer, more transparent content to manage client understanding and expectations.
Remember, knowing is often half the battle!