GDPR-feature-image

How to send a compliant email campaign after GDPR’s enactment

With GDPR deadlines nearing, we understand that many marketers are worried about connecting with their leads and customers without breaking the law. GDPR’s enactment ends the era of legally sending marketing email to almost anyone by simply including an unsubscribe link. GDPR mandates businesses get consent from recipients before sending marketing emails.

To help marketers like you, we have defined clear guidelines based on 99 articles from GDPR rulebook:

Step 1 – Clean house and eliminate duplicates

If you have duplicate records with different email subscription statuses, it’s easy to accidentally reach out to leads and contacts who have unsubscribed from your marketing emails – thus breaking the law. To prevent that from happening, conduct an audit of your current database of subscribers or leads to eliminate any duplicates.

Step 2 – Get double opt-in consent before May 25th, 2018

GDPR requires that you obtain clear, unambiguous permission to send marketing emails. This means getting a double opt-in consent by sending an email request to the subscriber asking them to confirm their subscription. The template below is what we send to our contacts.

confirm-subscription

Step 3 – Use GDPR compliant web forms

If someone wants to subscribe to your email newsletter through a form submission, she or he must explicitly consent to it. That means showing an un-ticked checkbox with clear language – “I would like to receive marketing emails from [Company X]”. Not asking at all or providing a pre-ticked checkbox no longer counts. Remember, this is just to get permission to send a double opt-in and should still be followed by a double opt-in whenever possible.

web_form_GDPR

Step 4 – Store consents

Consents should be secured in a difficult to falsify way – via email – so your contacts are unlikely to dispute that they ever provided it. To ensure that consents don’t slip through the cracks, we recommend that you store them within your CRM tool. Having subscribers and their consents in the same tool saves you the hassle of switching between applications to find it, leaving no room for costly errors. The screenshot below gives you a snippet of how our customers use Vtiger to store consents.

Consents

Step 5 – Use GDPR compliant email templates

Now that you have received and stored consents from your subscribers, it’s time to send emails that adhere to the GDPR rules. Whenever you send an email to a contact, it must be as easy for them to opt out as it was for them to opt-in. That usually means including a link at the bottom of the email that leads the recipient to a page where they can manage their preferences. The screenshot you see below is the footer that we use in every email that’s sent across to our customers. As you can see, they can opt-out and manage their preferences with the click of a button.

unsubscribe-GDPR

Consequences of non-compliance with GDPR

If you follow the steps above, you will be safe 🙂 However, for those who don’t, there will be two levels of fines. The first is up to €10 million or 2% of the company’s global annual turnover of the previous financial year, whichever is higher. The second is up to €20 million or 4% of the company’s global annual turnover of the previous financial year, whichever is higher.

These fines are not mere statements. Prior to GDPR, the Information Commissioner’s Office of the UK already prosecuted three incidents that involve household brands like Flybe, Honda and Morrisons for sending more than a million marketing emails to people who had opted out of receiving them.

Summing up:

The weeks leading up to 25th, May 2018 are going to be challenging for marketers across the globe. Managing consents and preferences for thousands or millions of subscribers without disrupting your business is challenging.

Vtiger’s new GDPR and privacy management tools make it easy for you to comply with GDPR by giving your customers and email subscribers a place to go to manage their preferences. Use these tools to manage all consents and even trigger email marketing campaigns in line with GDPR law.

Is your marketing team GDPR ready? Let us know in the comments section.