24 May 2018 | 17 Comments
I’ve been getting a lot of mass e-mails recently asking me to confirm that I still want to subscribe to something that I already gave my consent to subscribe. Perhaps you have too.
The emails were all about GDPR (General Data Protection Regulation). This is a new law regarding how companies collect, use, and process the personal data of EU citizens. Basically, if anyone in Europe can sign up for your e-newsletter, this applies to you.
Before I continue, I want to be abundantly clear that I am not an expert on this subject. Feel free to read and absorb the following, but do your research and do what’s best for your company.
Yesterday I endeavored to figure out what Stonemaier Games needed to be GDPR compliant. I use Mailchimp for e-newsletters, and they have a number of helpful articles, including this one.
Mailchimp has specific instructions about how to update your subscriber sign-up form so it meets GDPR guidelines. I followed those instructions, which took about 5 minutes. It’s easy.
But then it came time for me to send out a notice to existing subscribers to get GDPR-level consent. Something just felt odd about this, though. These were people who had already opted into my e-newsletter. I’ve been very careful about this. Was such a notice really necessary?
That’s when I found this article. The gist of it is that if subscribers specifically gave you consent to receive communication from you (perhaps through a sign-up form or on a Kickstarter survey where you asked if they wanted to subscribe to your e-newsletter), you’re fine.
However, if you’ve been adding people to your mailing list without their consent, you are not fine. If someone backs your Kickstarter project, that does not equal consent for you to subscribe them to your e-newsletter.
You might be thinking, “Well, just in case, I should probably contact existing subscribers to get GDPR-level consent. It can’t hurt.”
The problem is, it’s already illegal for you to be mass e-mailing people who didn’t give you their consent. So if you send those people another mass e-mail, you’re just driving a nail into the coffin. So it’s better for you to simply delete the information of any subscribers who didn’t opt in (your subscription service can help you do this).
Otherwise, though, you’re right–it doesn’t really hurt to get more consent from existing subscribers who have already provided consent. It’s probably unnecessary, but it’s not going to hurt.
That’s my perspective. Again, this is just a brief summary of the research I’ve done. If you have thoughts you’d like to share in the comments, I absolutely welcome the conversation.
If you gain value from the 100 articles Jamey publishes on his blog each year, please consider championing this content!