Email marketing is a tried-and-true strategy for increasing conversions, and with a $38 return on investment for every dollar spent, it’s no wonder that this strategy holds fast as a mainstay component of any good marketing plan.
However, successful email marketing campaigns are built on contact lists and consumer data – increasingly regulated commodities to acquire. Come May, the collection, storage, and use of that information could put companies at risk for millions of dollars in legal penalties.
Businesses around the world are scrambling to comply with the impending General Data Protection Regulation (GDPR) before it takes effect on May 25th of this year.Intended to reshape the way that user data is gathered and processed, the GDPR dictates strict rules of conduct for businesses who collect information from consumers. Click To Tweet
The European Union-based regulation applies to businesses located within the EU, as well as those that target citizens or residents of the EU. On the global platform that is the digital world, few are safe from the painful penalties – along the lines of 4% of a company’s annual revenue – threatened by non-compliance of the GDPR.
The portals through which millions of bits of consumer data are passed, marketing departments are feeling the frenzy more than anyone to adjust their strategies and take cautious steps along the lines drawn by the GDPR. To avoid bank-breaking fines and lofty legal consequences, email marketers need to evaluate, update, and renovate their engagement strategies.
Here are five steps that you should take in order to tailor your email marketing strategies and avoid breaking the company bank on GDPR penalization.
Step 1: Refine the Scope of Your Data Collection
Not long ago, the go-to practice for collecting data was to cast a net and see what information could be reeled in. Marketers would index piles of user information without rhyme, reason, or discretion – but times have changed.Email marketers will now need to implement a strategy of data minimization in which every single piece of information that is collected from users has an explicit purpose and justification. Click To Tweet
Although this may sound daunting, the adjustment is both necessary and beneficial.
Minimize Data Out of Legal Necessity
Under GDPR guidelines, data processing is only acceptable on the grounds that it can be justified as a necessary requisite to accomplish a specific goal.
Article 5 of the GDPR states that personal data can only be “collected for specified, explicit and legitimate purposes.” Those purposes are:
- The vital interest of the individual
- The public interest
- Contractual necessity
- Compliance with legal obligations
- Unambiguous consent of the individual
- Legitimate interest of the data controller
If your data collection doesn’t meet any of these criteria, it’s time to stop.
With GDPR penalties in the ballpark of 20 million euros, no one can afford to be careless about collecting unnecessary information.
Shed the Weight of Useless Data Targets
Gathering and storing droves of unnecessary data is a burden on your business. Now – under the pressure of the GDPR – it’s the perfect time to re-evaluate what data you’re getting your hands on and why.
According to Fulcrum Tech, most email marketers can limit the scope of their data collection to the following key points of consumer information:
- Email addresses
- Purchase history
- Email clicks
- Delivery data (# of delivered emails)
- Percentage of mobile users
- Leads and sales attribution channels
- Website visits and clicks
- Customer preferences
The bottom line is that the information you collect should be essential to the achievement of your marketing efforts and serve to enhance the customer experience. Once you’ve determined what that means for you, it’s time to get your users’ permission.
- Buyer’s Journey 101: What Your Email Data Says About Your Customers
- How To Write Data Driven Posts
- How to Use Big Data Analytics to Grow Your Marketing ROI
Step 2: Stop Assuming Consent
Gone are the days of obtaining customer consent with:
- Pre-ticked boxes
- Automatic opt-ins
- Hidden options
- Incentivized opt-ins
- Hidden privacy policies
According to Article 7 of the GDPR, consent to gather and use consumer data is only legally achieved through a freely given, affirmative action performed by the user. Passivity and inaction no longer cut it when it comes to customer permission.
Put simply – consent can no longer be assumed.
So, how do you get permission to collect the data that your email marketing campaigns rely on to succeed?Be direct with your users and ask them to perform an explicit action that grants consent. This puts them in the driver’s seat while keeping you on the right side of the GDPR. Click To Tweet
Consent mechanisms can be installed on your website via a clickwrap modal, on a sign-up page, or in an email sent directly to your contacts.
Provoke a Response with Clickwrap
Clickwrap modals are pop-ups or full-screen windows that appear on your website and require the user to take action before continuing to access the content of your site. Use the pop-up to ask consumers if they want to receive emails from your company and provide a box to check or a button to click if they would like to offer their consent.
Sainsbury’s does clickwrap the right way by directing its visitors to their appropriate policies and asking for consent to their terms and conditions in addition to future outreach:
Notice how both the “yes” and the “no” boxes are unchecked in the example above. Always let the consumer tick boxes for themselves, or you risk their consent being rendered invalid.
Bundle Sign-Up and Consent
Check out how Walmart gets consent right at the source:
- How AI Helps Add Personalization to Your Email Campaigns
- Cold Emailing: Best Outbound Sales Automation Tools
- How to Get Higher Email Open Rates (Without Being Spammy) [podcast]
Step 3: Launch a Re-permissioning Campaign
A re-permissioning campaign invites your existing contacts to opt in to future participation in your email marketing by sending a mass email to your contact lists.
Obtaining the affirmative consent required to continue collecting and storing user information can benefit your business in ways beyond GDPR compliance. Boast your commitment to your users’ privacy, refine your contact list, and achieve consumer consent by launching a re-permissioning campaign of your own.
Re-engage your current email lists by sending out a one-size-fits-all permissioning email. Let your customers know that you’re amplifying your privacy measures and want to offer them control over their personal information.
Most importantly, give recipients the chance to opt in to receiving future emails – and don’t forget to leave the ‘yes’ box unchecked!
Asking users to perform this opt-in action achieves the degree of compliance that will keep your marketing efforts out of the scrutinizing eyes of the GDPR watchdogs, while trimming your audience down to an engaged base of subscribers.
Since these users are making an effort to signal that they want to receive your emails, they’re already engaging with your business. Knowing that these recipients are consenting to your efforts and not directing your emails to a spam folder can be a powerful piece of knowledge as you move forward with your marketing strategies.
Considering that “54% of marketers say increasing their engagement rate is their top email marketing priority,” what better way to kickstart that goal than by combining it with your compliance efforts?
The Guardian hit the nail on the head with a recent re-permissioning email they sent out to readers:
The Guardian takes additional steps to bolster their compliance by giving customers a date by which they need to opt in. After that, the data of users who declined to opt in will be wiped from company servers – and safe from GDPR scrutiny.
Warning! Avoid sending re-permissioning emails to users that have already unsubscribed from your newsletters. Several companies have been fined for making this mistake.
- 14 Ways to Kickstart Your Mobile Email Marketing Campaign
- How Often Should You Be Emailing Your List? | Ep. #63 [podcast]
- Cold Email Templates that Get Responses
Step 4: Retool Your Old Regime
Now under the stringent reign of the GDPR, companies have to be more careful than ever about not only what information they collect and why, but how they disclose those practices to their users.
Perform a Data Audit
According to Techopedia, “A data audit refers to the auditing of data to assess its quality or utility for a specific purpose.” The GDPR beckons marketers to spring clean their cellars of consumer data, and toss unnecessary and non-compliant data in the trash.
Here are some dust bunnies to hunt for and sweep away for good:
- Unconsenting customer contact information
- Outdated emails
- Campaign data that is no longer relevant
- Open/click/response information not pertaining to current campaigns
- Any data collected for reasons outside the four purposes outlined above
If you’re sitting on stacks of information that aren’t actively moving your marketing efforts forward and haven’t been properly permissioned up to GDPR standards, you’re putting yourself at risk. Save yourself future pain and present waste by clearing out your past piles of data.
- How you store it and for how long
- Why it was collected
- To what ends it might be used
- With whom it is shared
The looming presence of the GDPR is finally set to touch down on May 25, 2018. Whether it is a force to be reckoned with or an empty threat is yet to seen. However, the potential penalties are too great not to take your email marketing strategies in the direction of compliance.
Not only will implementing the above measures keep your business safe from GDPR backlash, but they’ll optimize your business operations and enhance your customer experience.