On 25 May 2018, the General Data Protection Regulation (GDPR) will come into force, and if you’re not compliant, your entire email database could be under threat from extinction… or is it?
There’s some confusion as to what the rules are with regards to email marketing and the level of consent you need to email the people in your database. In this blog post, I’m going to look at the consent you will need to obtain in order to continue to email your database, from both a B2B and B2C perspective.
Before we dive into the differences, let’s set the scene.
You run an ad promoting your latest guide or piece of content. In order for people to access your guide, you require them to complete a form asking them for their email address.
The form asks for the following information:
An individual from a company visits your website from your advert, fills in the form with their work email address and downloads your guide.
You can email the guide to the recipient and you can send further marketing emails, without the need for consent. This goes against the very foundation of GDPR, which says you must get explicit consent to continue to email individuals beyond the purpose of the original data capture i.e. the guide download.
This was down to a U-turn from the European Commission earlier this year who decided to relax the rules around business data, in effect making it no different from the data protection rules that already exist today. However, you must continue to give recipients the ability to opt-out of future emails and include a privacy notice to tell individuals how their data will be processed (a link to your GDPR compliant privacy policy will go down well here!).
An individual visits your website from your advert, fills in the form using their personal email address and downloads your guide.
You can email them the guide, but that’s it. Done. Furthermore, you can’t keep their details on your database because their data is no longer relevant. You’ve fulfilled the “transaction” by sending them the guide, which means you no longer have the right to retain their details.
To add them to your database and continue to market to them, we need to backtrack a bit. The form we’ve created needs to be edited for B2C contacts. As GDPR requires the specific opt-in of your contacts before you can email them in future, you need to obtain consent at the point of the form completion - you can’t do this afterward.
You need to add the following to your form:
Easy. Get it GDPR compliant. If your B2C database isn’t GDPR complaint, as soon as the clock strikes midnight on the 25 May 2018, your email database is finished.
If you currently have a subscription form with a pre-ticked box, then you’ll need to get all your B2C data to opt back into your emails before 25 May! If you haven’t done so, start emailing your database now to get them to opt-in. One thing we recommend is adding a GDPR message into your current emails, such as newsletters and product offerings, with a link to a form asking them to opt back in. You should highlight the challenges they’ll encounter if they don’t opt-in – such as not being able to read the great content you’re currently sending them!
If you use a marketing automation system, such as Constant Contact, you can create dynamic content which means that as soon as one of your leads opts back in, they stop seeing the GDPR message, while everyone who hasn’t opted back in keeps seeing it.
This can be difficult. But there are a few things you could do:
But the problem with all of the above is that they can be prone to error. One sure-fire way of staying GDPR compliant is to treat your B2B and B2C contacts the same.
If you need help making your email database GDPR compliant, get in touch to see how The Marketing Eye can help.
by Darren Coleshill, 4 minute read
by Darren Coleshill, 5 minute read