May 25th, 2018 is the deadline for companies dealing with users personal data to comply with the new General Data Protection Regulation, shortly known as GDPR.
There are many resources explaining the measures each company has to take, depending on the industry it operates in. Many companies, however, regardless of the industry, use e-mail as a means to communicate with their customers or potential customers, market their services or products to them. And because the e-mail address is part of the user personal data and falls under the new regulations, the first step for businesses to keep their email marketing campaigns rolling is to adhere to GDPR when it comes to how they get the consent to contact people by e-mail.
Until now, an e-mail address stored in the contacts list meant one more message good to go. Storing an e-mail address didn't raise any problems at all: pre-checked boxes, sign-up based on social media accounts, over-sophisticated terms and conditions and many other similar practices fuelled e-mail marketing on a more or less legal and ethical base with the one thing they needed to get started – recipients.
The days when you can still elude straightforward consent for using the e-mail address in marketing are counted. According to the 4th article of GDPR, consent is a “freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.
In practice, email marketers will find themselves no longer able to rely on emails provided without the owners being presented the perspective of receiving regular messages in their inbox.
What type of e-mails you need to let go of to become GDPR compliant
The category of emails you will need to discard from now on includes (but it's not limited to):
e-mails from users logged in with their Facebook, Google or other social media account, who granted you the permission to collect their e-mail address, without being explained what the e-mail will be used for. The challenge will be to re-adjust the quick login flows based on social media accounts so they can include a request for the explicit consent to subscribe to newsletters. So far, haven't seen many adjustments here and big names handling millions of users data still don't explain to the users that their e-mail will be used for establishing a communication with them. Moreover, the user's preference to receive emails is by default enabled after logging with Facebook.
The consent is not GDPR compliant unless you can prove it
Apart from being freely given, specific, informed and unambiguous, the consent must also be traceable. This means that, in order to market your business to someone by e-mail, you'll have to be able to prove that he/she expressed their consent.
This new regulation pushes businesses one step further towards digitalization. So, if you think that changing business cards with several people during a networking event makes them automatically eligible to be part of your e-mailing lists, forget it. Each business that wants to keep communication by e-mail with their customers or leads alive, needs to invest in processes and technology that will help them log the users' intent to receive emails.
What to do if the e-mails in your list were not obtained according to GDPR standards?
The answer is simple: you ask for a re-consent.
Contrary to some widely spread opinions, GDPR doesn't make it an obligation for businesses to ask for re-consent if the consent obtained before GDPR era is compliant with the new regulations.
Asking for the re-consent will be one of the biggest challenges e-mail marketers will need to overcome, the main fear being that many of their contacts will no longer re-consent and therefore they'll not be eligible anymore for their campaigns.
Looking on the bright side, GDPR offers email marketers the opportunity to rebuild relations with their recipients, create more engaged audiences and focus on the quality rather than quantity.
To learn more on the adjustments you'll need to make, read also our guide for helping e-mail marketers become GDPR compliant.