What is GDPR in email marketing?

General Data Protection Regulation (GDPR) is a data protection law that came into effect in May 2018. It applies to any organisation that deals with the personal data of people who live in the EU, regardless of where the organisation is based. GDPR has major implications for email marketing because this process involves collecting and using personal data such as email addresses and names.

Consent

Under GDPR, email marketers must obtain consent before sending anyone marketing emails. This means that just having a pre-ticked box or implying consent are no longer enough. Marketers must clearly explain what you are agreeing to and how your data will be used.

The consent process should be separate from any other terms and conditions and people must actively opt-in to receive marketing communications. If businesses do not follow these rules, they can be fined by the Information Commissioner’s Office

Transparency

Marketers must also be transparent about their data collection and they must provide clear information about who is collecting the data, why it’s being collected, how it will be used and how long it will be kept. Any privacy policies and email sign-up forms should also be updated to reflect these requirements and they must use plain language that is easy for the average person to understand. Specialists such as shepper.com can assist you if you need a data analysis company.

Data Management and Security

Email marketers must make sure that they have appropriate measures in place to protect the personal data they collect and process. This includes having safeguards such as encryption and access controls as well as having measures like staff training and data protection policies.

Marketers must also respect your right to access your data, your right to have your data corrected or deleted and your right to object to certain types of processing. They should also have systems in place to promptly handle data subject requests and be able to maintain accurate records of consent and data processing activities. Furthermore, GDPR legally requires organisations to report certain types of data breaches within 72 hours to the relevant supervisory authority.

Stephane
Stéphane is the founder of TrustedBrokers.com, a comparison service for traders. TrustedBrokers.com helps traders compare 20 Forex and CFD brokers in one place, through guides, reviews and comparison tables. These brokers include familiar names like AvaTrade, FxPro, FP Markets and eToro. Some of Stéphane’s first ventures were focussed on online dating, before pivoting towards affiliate marketing in the financial services space.