The General Data Protection Regulation (GDPR) came into being two years ago. Despite this, there is still much confusion over what businesses need to do to ensure they stay compliant when sending emails.
Can you still send emails to customers? Can you contact prospective customers with campaigns? What do you do if a customer no longer wants to hear from you? Here at Funnel Boost, let us help provide some clarification.
What is GDPR?
GDPR came into effect in May 2018, to align data privacy laws across all EU states. It:
- Regulates the processing and handling of personal data of EU citizens by businesses
- Gives individuals the right to know how their data has been collected and processed
- Gives individuals the right to prevent their data being processed and to have their information deleted if they choose
GPDR is different to the ePrivacy Directive (or ‘cookie law’) where businesses must get explicit consent to put cookies on people’s computers.
GPDR is in place to protect individual citizens and not businesses, with the EU stating: “(GDPR) will increase the protection of people’s private life and open up new opportunities for business.”
So, how does GDPR affect email marketing?
In the UK, the Privacy and Electronic Communications Regulations (PECR) applies alongside GDPR. PECR gives some additional insight to help companies determine who they can send their email marketing to.
PECR defines the ways companies can reach out to customers and makes clear distinctions between B2B and B2C companies. The Information Commissioner in the UK (ICO) gave guidelines on B2B marketing outreach which specified that:
- Rules on consent, soft opt-ins, and the right to opt-out do not apply to B2B electronic marketing messages sent to ‘corporate subscribers’ – such as other companies and corporate bodies. However, sole traders and some partnerships have the same protection under GDPR as individuals
- The sender must identify themselves and supply contact details on all correspondence
- If someone requests that a company no longer contacts them, the company must honour this request
What does this mean for you? This means that if you are sending a cold B2B email marketing campaign, you are permitted to send it to other companies and corporate bodies, as long as you clearly identify yourself and stop contacting people if they request it. You need to do the following in all your campaigns:
- Provide a clear opt-out method. This doesn’t necessarily have to be an ‘unsubscribe’ link, as long as it is easy for the recipient. For example, allowing customers to unsubscribe by replying to the email is easy, making them call you or send a letter to be removed from your database is not
- Provide an accurate sender field and relevant subject line – don’t be deceptive
- List a legitimate physical address so your recipient can see the email has come from a genuine company
- Do not contact sole traders and partnerships unless you have their consent to do so. If in doubt about a potential customer, leave them out!
- If people say they want to opt-out, remove their details from the mailing list immediately and do not contact them again unless they advise that they wish to be reinstated
- Cleanse your CRM database regularly to remove out-of-date or irrelevant leads
All Funnel Boost’s activity is 100% GDPR compliant.
If you want to know more…
Check out the EU’s Article 16, which focuses on unsolicited communications. , as well as the EU Working Party’s response to the piece.