Does your list building change in a GDPR world?

All of us do email marketing. Or at least, you should be. 🙂 If you’re not, seriously… what the hell?!

Anyway… GDPR compliance will have some impact both on our email marketing going forward… but potentially also your email list building going BACKWARDS.

See, if you have not been getting express consent from email subscribers, then you might need to back up and go get it.

This could mean:

Sending out double-confirmation emails to previous subscribers

Asking them to opt-in again.

Deleting them and starting over.

Where it gets messy is if you’ve been doing it wrong the whole time.

For instance, if somebody opts into your list and then you end up subscribing them to multiple lists behind the scenes (even sub-lists on the same account), then you might need to go back and get express permission again.

This is one reason why I never auto-subscribe a person to The Daily. When somebody comes in via a lead magnet (as most of you did), then you get an invitation to get The Daily, but I do not assume you want it. I do this mainly so as not to be an a**hole and send you stuff every day when you never wanted it. 🙂 But, that would be an example of something I’d need express consent for if somebody was just coming in for the lead magnet. Get it?

If you imported a list you got elsewhere, you will definitely need to go back and double confirm them.

But, let’s look forward. What do we need to do differently from here on out?

First off, it is common practice (and I do it, too) that when a person subscribes for a lead magnet download, they’re going to get some additional marketing emails on the topic of that lead magnet. It is part of how sales funnels work. And, this is still OK! However, we need to get consent…

Using double-confirmation is one way.

Using checkbox(es) on the opt-in form is another way.

In other words, just be upfront with ’em.

The GDPR does not expressly require double-confirmation. However, it does expressly require “[c]onsent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language […]“. We need to have consent. However, from what I can determine, it seems to be that you could do this on the opt-in form via a require checkbox and that it does not also have to be double confirmation.

Of course, putting checkboxes on the opt-in form could also hurt your conversion rates. A better solution may be just to use double-confirmation. But…

If you use a tool which provides more automation (like, a real marketing automation tool like Drip), then one potential solution would be to send a consent email (essentially, a double-confirmation) only to people in Europe. Technically, GDPR only applies to EU citizens. So, I don’t see any reason why you couldn’t avoid checkboxes and selectively apply double confirmation just to the EU. A simple automation could record consent and, if they don’t grant it, automatically delete them after a set time period.

Another thing is that you always provide an easy way to unsubscribe. That’s a given. But, the “right to object” rules of GDPR also mean we need to give people the option to opt OUT on a granular level. As an example, I give all Daily readers the option to opt out of the Daily without being forced to opt out of everything else.

All this GDPR really only applies to your EU-based customers and visitors. Or in the case of our email list, only our email subscribers who are based in the EU.

So, if you need to go retroactive in order to acquire express consent from them, you only need to do this for your EU subscribers. No need to do it on everybody else unless you feel like it. Most email service providers provide a way to segment out subscribers based on geography or timezone.

What I would do (and will be doing) is simply to segment out my European subscribers and sending them a re-confirmation. I’ll get them to click a link in the email to specifically continue to hear from me. And if they don’t respond, it’ll be adios to them.

One other thing…

Most list building tools you may be using for opt-in forms and landing pages are coming out with updates for GDPR compliance. One of the major things will be the ability to insert checkboxes onto your opt-in forms in order to get consent.

Again, consent isn’t complicated. Just a notice that says they agree to their email address being stored, along with that required checkbox, will do the trick.

But, as I said, I don’t see any reason why you couldn’t avoid checkboxes and simply use double-confirmation (or even targeted double confirmation specific to the EU). We shall see. If I find info that says I’m wrong on this, I’ll bring it to your attention. I know when I research it, I find people proclaiming all kinds of things. Which tells me… people don’t know.

GDPR is a bit of a mess like that. Gotta love government bureaucracy. (ugh)

– David