If you're on a Galaxy Fold, consider unfolding your phone or viewing it in full screen to best optimize your experience.
Buzz. Buzz.
You pick up your phone and tap the push notification. Your email app opens and reveals two unread messages in your inbox.
No, you did not finally get that email from your boss congratulating you on your latest success. And it isn’t your mom sending you an e-gift certificate to Amazon.
Instead, it is an email promotion for 15% off dog leashes from a national pet retailer. However, you don’t remember shopping from them, let alone subscribing to their email list. Delete.
The second message is from Lucy’s cupcake shop. While you love Lucy -- and of course, cupcakes -- you never did subscribe to her monthly newsletter. Now you feel somewhat violated that she added your email address without your permission. Delete.
This misuse of data and lack of transparency are among the many reasons why consumer data security remains in the spotlight. It is also why consumer protection is a priority for governing agencies and regulators, and why Europe established digital privacy legislation.
The European General Data Protection Regulation, better known as GDPR, is the result of the organized efforts by the European Union (EU) to regulate data and governance for data protection.
If your business is located in the EU, if you conduct business within the EU, or if you cater to an EU audience, you need to ensure compliance and GDPR consent for email marketing. In short, the requirements for compliance boil down to two specific actions: secure people’s data, and make it simple for those people to exercise control over their data.
GDPR was originally enacted by the EU in 2012 through the efforts of the European Commission. They set plans for data protection reform across the EU to prepare the region for the digital age.
In May 2018, the GDPR put forth a new set of regulations that sent companies into a slight panic. Marketers experienced more confusion about the changes than what parents are experiencing teaching “new math” to their fourth-graders during pandemic homeschooling.
The most recent changes impacted local content and targeted email marketing campaigns. Specifically, the GDPR changes were meant to reduce spam and avoid mass email marketing using black hat practices and information collected without permission.
The email privacy regulations require that email marketers use only data that was collected with explicit permission from the owner. The method of obtaining the information must be documented (with companies bearing the burden of proof) to show consent. Emails must also use encryption or another way to ensure that sensitive consumer data is transmitted securely.
To comply with GDPR, even as a small business, you may need to do any or all of the following:
Since no company wants to run the risk of forking over hard-earned dollars due to GDPR non-compliance fines, you may want to consider a re-permission email marketing campaign.
A re-permission email campaign is a way to refresh and update your subscribers’ email consent. This will keep your lists clean and give you a chance to be compliant with the law. As a bonus, it may also give your subscribers a chance to opt-out, which contrary to what many may think, is a good thing if they are no longer interested in your content.
So how should you launch a successful re-permission campaign to meet GDPR standards? Here are some best practices that will help you out.
The foundational aspect of GDPR in relation to email campaigns is consent. Meaning, did the consumer offer consent, and was their email address (and any other data) collected knowingly, freely, and with explicit and documented permission?
Consider how you created your email list and grew your segments:
You want to identify where your practices were not compliant. Then, determine how many subscribers need to offer consent and how that will impact your business. From there, you can create an email blast with specific messaging that will prompt your customers to understand your mission and opt back in.
Yes, you want to make sure subscribers update their consent so you can continue to market and send emails. However, what is the benefit for your audience? Answer that age-old marketing question of “what’s in it for me?” and encourage them to take action.
Craft a message with meaning and has a sense of urgency that will prompt action. Here are some examples of email marketing content that will achieve both:
These messages highlight the benefits for the subscriber and recommend taking action.
Whether you decide to use an email marketing software platform such as HubSpot or another provider, make sure the back end of your campaign is set up properly.
A few things to remember:
Your email re-permission campaign may perform well -- or it may not. However, you will still need to have updated consent to continue emailing your subscribers without being in violation of GDPR. Therefore, let’s avoid using the one-and-done approach.
Consider adding a call-to-action to update preferences and opt-in onto regular emails. Create a special call-out to get users’ attention. The more a subscriber sees the message, the more likely they may click and consent.
You might also consider placing the option for subscribers to update their email preferences on your website. Consider adding a banner or lightbox on your site asking if the visitor subscribes to your email and/or needs to update their profile. This may feel a bit more intrusive, but when done with creativity and great copywriting, it will seem less “in-your-face” than one may think.
While the re-permission campaign is a great start to cleaning your list, interacting with your audience, and building trust, you must ensure compliance moving forward.
This means that when you send any future email blast, go through the compliance checklist, which includes asking the following questions:
Stay compliant. Stay marketing. And stay out of the way of GDPR non-compliance penalties.
Our Small Business Expert
We're firm believers in the Golden Rule, which is why editorial opinions are ours alone and have not been previously reviewed, approved, or endorsed by included advertisers. The Ascent, a Motley Fool service, does not cover all offers on the market. The Ascent has a dedicated team of editors and analysts focused on personal finance, and they follow the same set of publishing standards and editorial integrity while maintaining professional separation from the analysts and editors on other Motley Fool brands.