So it's been almost 2 weeks since the new GDPR came into play on May 25th and there are still a ton of questions and concerns about how the General Data Protection Regulations (GDPR) will affect small business owners.
I'm not a legal professional, so this information is purely for guidance, but I have researched GDPR and hosted a webinar on the GDPR for Small Businesses with the fab Leanne Pogson from Leap HR. If you want to watch a replay of that webinar, read on and I'll tell you how to grab it for free in a moment.
This article is to relay some fears regarding GDPR for List Building -what you can & can't do, what you must do, and what myths are going around at the moment!
GDPR For List Building
Email marketing is a fast, low cost and highly effective way to keep in touch with your target audience and make sales in your business, so building and growing your email list should be a major focus in your business.
Let's take a look at what you need to do with your current email list and how to ensure your opt-in forms are GDPR compliant!
CURRENT EMAIL LISTS
First of all, let's bust some myths around GDPR!
GDPR MYTH 1:
- 'I have to delete my entire mailing list and start from scratch'
BUSTED! You absolutely do not need to do this!
GDPR MYTH 2:
- 'I have to email my entire email list and ask them to resubscribe'
BUSTED! You don't legally have to email your entire email list and ask them to resubscribe!
BUT... You must be able to prove where and when you received consent from every person on your email list.
If you used double opt-in's you have your proof right there. If you had a checkbox that was manually ticked by the subscriber and this is recorded in your email management system, that's also proof.
The ICO recommends that 2 years is the longest period of time you can hold consent for, after that time you need to get consent again.
Schedule an email campaign to be sent to all subscribers every 1-2 years to refresh consent.
If consent was given within the last 2 years, check that you can prove where and when they gave consent. Click here to read the full details about obtaining consent.
GDPR MYTH 3:
- 'I sent a re-subscribe email to my list and they didn't click to re-subscribe, I can just leave them on my list, right?
BUSTED! Absolutely not! Even though we know that not everyone on our email lists actually open, read or take the action we have asked them to, you can only leave someone on your email list if they actively click to resubscribe.
- Can I email businesses without consent?
YES. Businesses such as B2B customers, limited companies, limited liability partnerships (although this may change with the new e privacy regulations) don't need to give express consent. You must give them the option to unsubscribe in every email though.
However, note that Sole Traders and members of unincorporated partnerships are considered an 'individual', so you will need to get express consent from them.
- Do I really have to give the option to unsubscribe in every email?
YES. It can be a simple link in the footer of your email, so you can set it up once and not have to worry about it again.
- What is 'Legitimate Interest?
Legitimate Interest is the term used for individuals who are clients, customers or have made an enquiry with you. It can also be your own interests. It's the most flexible reason for keeping data, which can be a good thing, but there are guidelines to it.
If you choose to rely on legitimate interests, you are taking on extra responsibility for considering and protecting people’s rights and interests.
Read more on Legitimate Interests on the ICO website here.
GDPR AND OPT-IN FORMS
As a small business owner or entrepreneur, you probably have a ton of opt-in forms (also known as sign up forms, contact forms, lead magnet forms etc).
You can still use these forms!
You just need to make a few changes or additions to them (and it's easy to do!)
- Firstly, remember to only ask for the information you absolutely need. If you don't need an address, phone number or date of birth, don't ask for it. Most likely, you'll just be asking for their name and email address.
- Add a checkbox for people to manually tick (nothing pre-filled!) to acknowledge they have read and understand your terms.
- Lastly add a final checkbox and ask if the subscriber would like to be added to your mailing list. Mention that they can unsubscribe at any time.
Want to watch the FREE Webinar?
Along with Leanne Pogson from Leap HR, I hosted a live webinar on GDPR for Small Business Owners and you can watch the replay for free!