How can we help?

GDPR & deliverability overview

Note: Cordial Experience Inc. does not provide legal advice. If you are in need of legal advice you should consult your legal team or a licensed attorney in your area.

The General Data Protection Regulation (GDPR) is intended to protect all European citizen's data privacy rights, replacing the Data Protection Directive (Directive 95/46/Ec) originally adopted by the European Union in 1995. This new regulation further mandates the ways in which businesses use, share and collect data.

Do's

  • Obtain consent now!
  • Be sure to check that any existing opt-in email addresses have been obtained in ways that are GDPR compliant.
  • Ask for permission again if you are unable to identify how, when and where original consent was obtained.
  • Remember that proper expectation setting must be done at time of consent.
  • Send a re-permission series, as opposed to just one attempt at obtaining explicit consent.
  • Only hold on to data for as long as necessary. There is a bit of ambiguity here, but better to be on the conservative side; we recommend 2 years.
  • Remember that implementing a preference center is a great way to offer your customer base options as to where they may receive future marketing efforts.
  • Always provide an easy to find, one-step unsubscribe mechanism for all marketing emails.

Dont's

  • Do Not forget that GDPR comes into full effect on May 25, 2018!
  • Do Not think that because you are a US based company, GDPR does not apply to you.
  • Do Not bundle consent. Consent should not be included in your company's T&Cs or Privacy Policy.
  • Do Not utilize pre-checked boxes. They are not compliant under GDPR.
  • Do Not re-permission subscribers who have opted out for any reason.
  • Do Not forget that your company must provide an inconspicuous method of unsubscribe so that recipients may withdraw their consent at any time.
  • Do Not mail to subscribers who have not engaged in a reasonable amount of time. Put yourself in your customer's shoes and define this timeframe as such (2 years is recommended).

Additional Resources

https://250ok.com/email-deliverability/gdpr-101
https://250ok.com/email-deliverability/casl-goes-global

Comments

0 comments

Please sign in to leave a comment.