The introduction of GDPR should not have escaped you. GDPR stands for General Data Protection Regulation and comes into full effect on May 25, 2018. It has worldwide implications. While GDPR may not apply to your exact country, it has set a new benchmark standard that we should all adopt.
Many organizations have been following best practices as they have evolved over the last decade in how they seek explicit opt-in consent. But, not all. The playing field is now officially levelled.
HubSpot notes “We see the GDPR as an opportunity, not an obstacle. The GDPR like other data protection laws is created to provide better experiences for our customers and for the people that trust us with their data. In that way, it’s perfectly aligned with the concept of inbound. Be relevant, be helpful, be transparent and you’ll be on your way to compliance.”
1. An honest exchange
Providing your name, email address and location can be a reasonable exchange for something of value to you. You should ask no more than is necessary. For us, requesting your date of birth to access a wifi network, for example, is never appropriate or reasonable. Be transparent, tell the person what they will receive in return and what you will do with their data.
3. Email list degradation
Hubspot reports that email list degrades at 22.5% every year. People change jobs and providers resulting in hard bounces. We see it as positive when a customer unsubscribes. We understand that a particular topic may have been relevant to someone when they first opted in, yet are no longer relevant to them. This is natural and OK. It should also encourage marketers to seek to remove contacts that have demonstrated no engagement within the last 12-months. The option to unsubscribe must be visible and intuitive. Unsubscribe links that lead nowhere or require you to log-in to an account have never been acceptable.
4. An end to purchased email lists
No organization should purchase a list of email address. Period. We would never recommend this to any customer. It has always been a poor investment and is not compliant with GDPR. You would be unable to show the exact conditions when the contact provided consent. Yeah. We are celebrating the demise of purchased email lists. As noted above too, by the time you acquired the list it had already severed degraded.
5. Full data deletion
An individual can now request that all historical data is permanently deleted from an organization. This has never before formerly existed in such a mandated way.
Excellent GDPR resources
The significance of the GDPR date has prompted many of the leaders in email marketing such as HubSpot and MailChimp to provide excellent easy to understand pillar pages. We have included some here. We are still learning too.
- New GDPR Tools Available from MailChimp
- HubSpot GDPR PlayBook
- HubSpot GDPR pillar page
- Netigate post on how GDPR affects surveys
- ICO Guide to the GDPR
We appreciate that for many small businesses and non-profits using paper-based sign-up sheets, spreadsheets and basic email clients this is concerning. There is hope. The need will drive the use of inexpensive tools available. HubSpot, MailChimp and others have signalled that they have made themselves compliant and are supporting the transition for their customers.
Good luck online.