The sole entry into force of the EU data protection basic regulation since 25 May brought some changes. So that you know which requirements you have to observe for your e-mail marketing from now on, Vivien Beischau from Newsletter2Go here are 6 tips for you.
Please note that this article is for information purposes only and is expressly not to be understood as legal advice. We assume no liability for the accuracy and completeness of the information provided.
In 6 steps the requirements of the GDPR implement:
1. shipping only with Double-Opt-In
If you want to collect personal data, you need in any case a consent of the person concerned or a legal permission. This consent must be recorded and a reference to the possibility of revocation at any time. For your e-mail marketing, this means that you need the permission of all recipients in advance to send them your mailing. If you do not have their permission, you may not send them any newsletters.
Attention: This also affects customers who already receive newsletters from you. Make sure that they have agreed to receive the newsletter, for example by using a double opt-in procedure. If you can already prove clear consent from your recipients, no further consent is required.
The Double-Opt-In: A legally compliant newsletter registration provides the double opt-in procedure dar. The interested party enters his or her e-mail address in the registration form and thus allows himself or herself to be included in a distribution list. The user then receives a confirmation e-mail and thus the possibility to confirm the registration in a legally secure manner. The DOI process is complete when the recipient has confirmed this e-mail.
2. use legally compliant shipping software
There are some requirements for a legally compliant shipping software that you should consider. One of the characteristics of a legally compliant mailing software is that the servers for sending the mailings are located in Germany. The service providers are tested and have the appropriate data protection certificates.
A contract for order processing must always be concluded.
3. data security guarantee
You should be aware that you must ensure that no unauthorized persons have access to your customers sensitive data. Appropriate technical and organisational measures (passwords, encryption, etc.) must therefore be taken when processing data to ensure that your customers' data is secure.
4. pay attention to data economy
When collecting data, you should pay attention to data economy. This means that data is only collected for a specific purpose and may only be used for that purpose. Show those concerned exactly what they are giving their data for. In addition, you may not collect data that is not appropriate to the purpose.
Example: For a newsletter subscription only the e-mail address is required. Of course you can also request further data, but this information is voluntary and must be marked as such.
5. complete your sign up process
Transparency is important and creates trust. In e-mail marketing, this refers, for example, to your registration form for the newsletter. Communicate clearly what your recipients receive and what they give their data for. And note that you may only mark the e-mail address query as mandatory. All other information must not be mandatory for the user to make the newsletter registration effective.
One more tip for the registration form: Please note that you can unsubscribe from the newsletter at any time. It is also advisable to integrate a link to the data protection declaration, which the customer must accept with a tick.
6. goodies are not free
You can continue to motivate your customers to subscribe to your newsletter with vouchers or special offers. Only with goodies or freebies, such as white papers, infographics, e-books etc., which are combined with a newsletter registration, you have to about this very swap.. Since the prospective customer pays with his data, you may not call the business "free" and must make it clear that he is subscribing to the newsletter.
It remains to be said...
... that with the entry into force of the GDPR Regulation, the protection of personal data will take the highest priority. If these requirements are implemented, you are well on the way to making your e-mail marketing GDPR compliant and horrendous fines to avoid. In our White paper on the EU data protection basic regulation we have once again compiled all the important facts, you can simply download it.