The General Data Protection Regulation (GDPR) comes into force on 25 May, 2018, and many marketers are wondering what changes they need to make to their email list to be compliant.
Do I need to re-opt-in my subscribers?
Not necessarily. The guidance from the ICO is that you are not required to automatically refresh permission in preparation for the GDPR. However, if the existing permission doesn’t meet the GDPR’s high standards or are poorly documented, you will need to seek fresh GDPR-compliant permission to continue email marketing. In layman’s terms, if you can’t prove that a user has explicitly opted-in to receive your emails AND that user is based within the EU, then you’ll need to re-permission them.
How do I re-opt-in my subscribers?
Permission can be obtained by sending an email and asking subscribers if they wish to continue receiving your emails. We’d advise that this is done over a series of emails, in the run-up to 25 May 2018. Once that date arrives, if subscribers have not agreed that you can still contact them (and you don’t have evidence of earlier permission) you’ll need to remove them from your list.
In preparation for GDPR, we’ve launched a feature to obtain and record permission for existing subscribers. You’ll also probably want to enable double opt-in on any new subscribers. If you’re not yet using EmailOctopus (why not!) , you can download our free email templates to use with your existing email provider.