The keys to creating a After months of discussion, the General Data Protection Regulation (also known as GDPR) has finally come into force. This new regulation affects the vast majority of businesses because, regardless of size or location, any organization collecting, processing, and storing personal data of citizens within the European Union must comply with the GDPR.
The financial penalties for non-compliance are drastic (up to 4% of turnover or €20 million), not to mention the repercussions and consequences for the company’s reputation. Yet, according to the results of a study conducted by Mailjet among 12,000 VSEs/SMEs, most companies are still not ready .
For marketers, GDPR compliance includes sending communications that comply with this new regulation. But what steps should be taken to achieve this? In this article, we’ll guide you step-by-step through the steps to create GDPR-compliant email campaigns.
Collect the person’s The keys to creating a consent
Under the GDPR, when sending your marketing job function email database emails, you must collect freely given, specific, informed, and unambiguous consent . Here, we’ll take a look at the best practices you should adopt to collect consent from your contacts.
Ensure consent is given through a clear, affirmative action
Silence or lack of action by the individual concerned does not constitute consent. Therefore, there is no need to rely on pre-ticked boxes (a mechanism known as opt-out) to obtain an individual’s consent.
Use clear, simple language that your audience will find easy to understand. This is especially important if you’re asking children for consent. Avoid technical or legal high-stakes duel account-based marketing versus inbound marketing jargon and confusing terminology (such as double negatives). Finally, use consistent language and methods for all multiple consent options.
Although not mandatory, we recommend implementing double opt-in . This involves obtaining confirmation of the user’s consent in two stages before adding them to one of your recipient lists. Once when they fill out a form and a second time via a confirmation email, asking them to click on a link, for example.
You must also apply the principle of data minimization
This means that only data that is strictly necessary to achieve the purpose may be collected. As a data controller, you must therefore not collect more data than you phone number iran really need. You must also be careful about the sensitivity of certain data (for example: racial or ethnic origins, political, philosophical or religious opinions, trade union membership, health data, etc.).
By applying all these practices, you will be sure to collect consent that complies with the new regulations.