In times of increased social distancing, brands and businesses are relying on email marketing for generating sales and maintaining continuity. With that being said, bad press, legal issues, and penalties have become a big issue for email marketers who are unable to ensure proper compliance with the GDPR. With more and more businesses seeking help and guidance on the topic of GDPR compliance, the demand for data protection officers as a service has risen sharply over the last few years, by as much as 700%.
If your organisation wants to understand better the nuances of GDPR and how they apply to email marketing activities, you have come to the right page. In this article, we highlight the strategy email marketers should follow to keep their campaigns fully GDPR compliant, and also share some examples to make things clear. First, let’s understand what’s valid consent and why it’s necessary for maintaining GDPR compliance.
Gaining valid consent from data subjects
The UK GDPR and Privacy and Electronic Communications Regulation (PECR) require marketers to gain valid consent from their data subjects (or leads) before reaching out to them. To better understand what makes their consent “valid” in the eyes of law, here are some important points to note:
The consent needs to be highly specific and not bundled with any other terms or conditions. If someone has signed up for receiving your email newsletter, for example, you shouldn’t be sending text messages or social media messages, without separately requesting their consent for such modes of communication
It’s not considered lawful to gain consent from data subjects by forcing them to opt-in before they gain access to your products or services
It’s important to collect consent from the users by letting them explicitly suggest their interest in receiving emails from you. By using opt-in forms that make use of borderline shady opt-in mechanisms could land you in trouble.
You should make everything transparent and clear to the users, as to what they can expect after sharing their personal details and opting in to your email list
It should be easy and straightforward for the data subjects to unsubscribe from your email list any time they wish to do that.
Are GDPR guidelines different for B2B vs B2C email marketers?
Yes. B2C email marketers need to use valid consent as the lawful basis for their marketing activities, whereas B2B email marketers can use “legitimate interest” instead of valid consent as the lawful basis. In fact, if you’re running a B2B email marketing campaign, using just a simple soft opt-in would suffice.
However, irrespective of whether you’re a B2B or B2C marketer, you should ideally:
Remove from your email marketing database any contacts who are not actively engaging with your emails
Share in your emails an unsubscribe link to let your recipients withdraw their consent whenever they may please
Ensure that you’re not sending any relevant information to your email recipients
As a rule of thumb, keep your emails relevant for your audience and avoid sending out marketing emails to anyone who hasn’t specifically shared their consent to receive them. For email marketers who are not sure whether or not their campaigns are fully GDPR compliant, it’s advisable to work with their legal, data protection, and data privacy advisors in order to better align their email marketing strategy and protect their best interests.
