GDPR is the new elephant in the room when it comes to the data you collect from people while you are marketing. Although it currently only applies to those marketing to people in the EU, many other jurisdictions are considering similar legislation. The high value of the possible fines grab the attention. – In practice, there are not the resources to catch and fine everyone.
If you are running a quality marketing campaign then you will almost be ready for GDPR. The only item we had to add, was that you need to keep a record of how and when people opted in, so you can demonstrate they gave permission.
So, what happens when somebody does not like the email they sent you? – Do they unsubscribe?
You must provide an unsubscribe link in your email, and this is usually at the bottom in the footer. But what happens next?
Most of the older email marketing platforms will have a series of ‘lists’ and a contact can be in one or many of these lists. They will then itemise all the lists that person is in and ask them to unsubscribe from each list, or all of them. This is not GDPR compliant, because they also have the right to be forgotten. Removing from the list does not explicitly say they will be forgotten. Will they be put in an opt-out list and not allowed to join again? – It is not clear. Not forgetting that you probably named the lists for your own benefit, and those list names may not mean anything to the subscriber.
More modern marketing systems are now working on the processing of tags to assign intent and interest of the subscriber. Asking them which tag they want to be marketed from is going to be even more silly a question.
Unsubscribe in context.
The first stage of the solution must be to differentiate between unsubscribing from the current campaign which the current email is part of, and unsubscribing from everything you do. So, for the old email list system, you would remove them from that current list, and in the case of the more modern system, you should remove the tag which takes them out of the same campaign.
You must also offer the right to unsubscribe from everything, but you can now at least show the different options for the client in coming off one list or coming off everything.
Then there is the right to be forgotten. As I understand the law, anyone has the right to have all their personal information removed from your system. That does not include invoices and payment records which are required by tax authorities for revenue purposes. We used to have an opt-out list, and when somebody wanted to be removed, we added them to a list which stopped them being added again. If you are ‘forgotten’ you can not be on the opt-out list. So, how do you ensure they have not been added again?
Of course, there are places where the system can not work. – And please if you have a solution, let me know – If you run Facebook marketing, (and you should be), then you can tag people and Facebook will them market your ads to them. You can also use combinations of tags. If you have a tag list called ‘list1’, which activates on a certain page, they are added. If somebody unsubscribes, then you can not take them off ‘list1’, as you do not hold the list, Facebook does. All you can do is add them to another exceptions list, say ‘list1-remove’. They are then no longer a member of ‘list1’ as they are on ‘list1-remove’. If they ask to be forgotten then you can not do it either. The list is with Facebook and only Facebook can make them forgotten and that is by removing them from Facebook completely?