When General Data Protection Regulations (GDPR) came into effect back in May 2018, businesses across the globe had to take action to ensure they had strong data protection systems in place. For some, this meant making some big changes. One of the areas most affected by these new legislations was the collecting and storing of personal data to use for marketing purposes, a tactic that businesses have heavily relied on over the years.
Individuals now have more rights with regards to accessing and deleting their data, plus businesses must do more to collect and protect this information, ensuring that they are compliant with GDPR. This has had a huge impact on email marketing and how businesses run their campaigns. In this guide, we’ll cover how you can run an effective email marketing campaign while ensuring that your business is GDPR compliant every step of the way.
What does GDPR mean for email marketing?
First, let’s briefly touch on what GDPR means for email marketing. Gone are the days of using underhand tactics to create a huge email list, storing email addresses for years, and sending out thousands of emails to potentials users/customers. And to be honest, this is a good thing!
Nowadays, businesses must obtain explicit permission from a visitor of their website to collect their information and to add it to any sort of list. What’s more, they must outline how they intend to protect this data from a security breach and how they plan to use the information in the future (for example, for sending them promotional emails).
In some cases, businesses must also obtain re-permissions from customers on old lists and they must ensure all their lists are updated regularly. While this might mean some businesses see an initial drop in the size of their email lists, it’s good to know that everyone who has explicitly opted into the list truly wants to be there and is, therefore, more likely to engage with the brand or products. So, in the long run, GDPR has had a positive impact on the email marketing efforts of many businesses.
How can you run a compliant email campaign?
In this next section, we’ll look at the simple steps you can take to help you run an effective email campaign whilst ensuring that your business is GDPR compliant. If it is found that for any reason your business is not compliant with this legislation, you could face a huge fine and a damaged reputation. So, it’s best to ensure that any campaigns you run are firmly within these guidelines.
-
Gain permission from your users or customers
If you plan to run email marketing campaigns, you might have pop-up forms or sign-up boxes on your web pages. These must ask visitors to give explicit consent for their information and email addresses to be used and you must have somewhere on your site that outlines how this data will be stored, protected, and used in the future. You must also ensure you’re not using any underhand tactics to try and build your list. For example, it is now against the law to use pre-ticked boxes or to use unclear language to try and trick people into consenting.
So, in a nutshell, you’ll want to create a clear and concise sign-up option for visitors to your site. If you’re promising to send them information that is genuinely valuable to them, then they’ll want to be on your list. Just make sure everything on your site is GDPR compliant, including your sign-up forms.
-
Audit your lists
Depending on how frequently you run email marketing campaigns, you may already be on top of your email lists. As part of GDPR, businesses will have had to regain permissions from everyone on their lists pre-May 2018. If you haven’t done this already, you need to put together a re-permission campaign to ensure that everyone on your mailing list still wants to be there. This gives people a chance to opt in or out. If they don’t reply to your email at all it’s best to just remove them from the list.
If you’ve already run a re-permission campaign it can still be a good idea to audit your email lists before sending out new communications. It also pays to separate out your lists. For example, if a customer opted-in for a Christmas promotion, this doesn’t mean you have the right to target them all year round. Creating separate lists can make these easier to audit and update. Once you’re happy that you have explicitly gained the consent of everyone on your list, you can begin your campaign.
-
Make sure there’s an unsubscribe button
Another hugely important part of GDPR and running an email campaign is giving your visitors or customers the opportunity to opt out if they no longer want to receive marketing materials from you. This should be done in the email you send, making sure there is a visible ‘unsubscribe’ button at the bottom. This should also be a simple process, individuals should not be made to jump through hoops in order to unsubscribe, it should be one click and done. If someone unsubscribes, they need to be removed from your mailing list immediately.
-
Be careful when using automated systems
Automated systems have saved businesses a huge amount of time and money over the years and this is particularly true for email marketing. Automated emails save marketers hours of time having to manually prepare and send promotions, these can also be scheduled ahead of time so that no one has to even be in the office for them to go out.
The problem is, robots don’t know about GDPR, this part of the process still relies on a human making sure that all lists are up to date and that these emails are only being sent to those who have explicitly consented. So of course, it’s fine to use these automated systems, you’d be crazy if you didn’t! But in order to ensure these help you to run a smooth email campaign, you first need to make sure you’ve done all of the above and that your lists are up to date.