Do I need to re-opt-in my email list for GDPR?

The General Data Protection Regulation (GDPR) is one of the new marketing regulations coming into force on 25 May, 2018, and many marketers are wondering what changes they need to make to their email list to be compliant.

Do I need to re-opt-in my subscribers?

Not necessarily. The guidance from the ICO is that you are not required to automatically refresh permission in preparation for the GDPR. However, if the existing permission doesn’t meet the GDPR’s high standards or are poorly documented, you will need to seek fresh GDPR-compliant permission to continue email marketing. In layman’s terms, if you can’t prove that a user has explicitly opted in to receive your emails AND that user is based within the EU, then you’ll need to re-permission them.

How do I re-opt-in my subscribers?

Permission can be obtained by sending an email and asking subscribers if they wish to continue receiving your emails. We’d advise that this is done over a series of emails, in the run-up to 25 May 2018. Once that date arrives, if subscribers have not agreed that you can still contact them (and you don’t have evidence of earlier permission) you’ll need to remove them from your list.

In preparation for GDPR, we’ve launched a feature to obtain and record permission for existing subscribers. You’ll also probably want to enable double opt-in on any new subscribers. If you’re not yet using EmailOctopus (why not!) , you can download our free email templates to use with your existing email provider.

💡 For more information, check out this guide: How to build an opt-in email campaign.

Opting out is just as important as opting in!

While re-opting in your email list for GDPR compliance is crucial, equally vital is the accessibility of opt-out options for your subscribers. The GDPR emphasises the user’s right to withdraw consent as easily as they gave it. This means that every communication must include a clear and unambiguous way to opt-out or unsubscribe.

By integrating a simple and accessible opt-out mechanism, you uphold the principles of transparency and control that are at the heart of the GDPR. This not only ensures compliance with legal requirements but also fosters trust and respect with your audience.

By demonstrating that you value and respect their choices and privacy, you lay the foundation for a more engaged and loyal subscriber base. In a world where data privacy is a growing concern, the simple act of providing an easy opt-out option reflects positively on your brand’s integrity and customer-centric approach.