Wondering why you receive massive amounts of emails from certain brands asking you to re-opt in to adjust personal preferences? The GDPR (General Data Protection Regulation) is the European Union’s new privacy law, which went into effect May 2018. It’s all about consent, and here’s why. 

All marketers concerned with GDPR must change their approach to collecting and storing user information. Changes are underway for how companies retain and seek personal information from email marketing.

Email Consent

To receive consent to add a user to an email list, there must be a positive email opt-in option. See image below. 

(Source: https://litmus.com/blog/5-things-you-must-know-about-email-consent-under-gdpr)

For consent to be valid under GDPR, a customer must actively check the opt-in option rather than having it already checked. 

Marketers suggest using the double opt-in message to secure legality under GDPR. This includes the customer confirming their email once they have signed up to ensure they made the right decision. 

Under GDPR, it must be easy for people to withdraw consent, by clearly stating which steps to take. Users dislike when the opt-out process is difficult and they cannot report spam without difficulty. 

Collecting Information

GDPR not only requires you to ask for consent, but you must keep a track record of every email subscriber. The controller of email marketing should be able to demonstrate user agreement through data collection and engagement. This includes, who, when, where, and how they opted-in. 

For existing subscribers, there is no need to re-opt-in if the process followed regulations and the proper data is collected for each user. For those that did not follow GDPR consent, there is a resubmission request for users to understand the new terms and re-opt-in. Hence, the massive amount of emails your inbox has been receiving. 

If your business needs help with following protocol for GDPR email marketing, Blue Archer can assist you.