Have You Invested In an eMailing List which is GDPR Compliant?
Have you remembered to change your email sign offs and to put links to your privacy policy and legitimate interests assesment in your marketing emails?
After the deluge of permissioning emails around GDPR, many people are acutely aware of which emails they have signed up to receive and which requests for permission they denied or ignored.
This means that slack marketers can no longer rely on the short memory of a target by writing something like this:
"You are receiving this email as you have subscribed in the past to receive information about our events. If you wish to update your email preferences or unsubscribe, please click the link below".
Yes this statement is doing the right thing by offering an unsubscribe but post-GDPR this sort of email sign off is increasingly being called out by targets.
A little white lie claiming that the prospect is receiving emails because they have 'previously signed up' or 'enquired in the past' when the marketer bought in an email list and the company has no previous relationship with the data subject does not enhance your campaign. In the post-GDPR age, very few people are falling for this anymore.
Transparency is one of the key principles of GDPR. We suggest that you follow the ICO recommendations of adopting a 'layered approach' to giving data subjects information about privacy and legitimate interests. Somewhere on your marketing email, you should state the reason for contacting the company under the terms of legitimate interests and you should provide a link to your privacy policy, which in turn has a link to your legitimate interests assessment.
I have seen this at the bottom of a few emails this month:
"This email was sent to you as a corporate subscriber within the meaning of the Privacy and Electronic Communications Regulations 2003. Your personal data are protected under the General Data Protection Regulation and Data Protection Act 2018. If you would like to know how and why you have received this message, please visit our information page."
(Unfortunately the information page link clicks through to something that is blocked by my office spamblock, but I'd like to think it is a link to a Privacy Policy and a Legitimate Interests Assessment.)
Electric Marketing is signing off its emails with this:
"As a GDPR compliant company, we would like to explain why you have received this email. We believe that you have a need for business marketing data within your business. We have identified your email address as being an appropriate point of contact within your organisation. This represents legitimate interest in line with the ICO's guidance. Our Privacy Notice is available here"
Like the new regulation, our statement is a bit clunky but as we all get used to what GDPR means for business-to-business marketing, this will no doubt become shorter and snappier over time.