How can you protect your mailing list from GDPR?

How will GDPR affect your mailing list? Find out what you need to do to stay legal from a marketing point of view.

February is the month of St Valentine. It is often about love, but at Pinpoint Marketing, we see it as also being about relationships. Building relationships, starting them, nurturing them and looking in for the long term.

Moving on from February and into May, we’ve also got the arrival of GDPR. And we’re often asked by our clients how this can impact their customer relationships and engagement. So we thought we’d share the advice we’ve been given from a marketing point of view.

GDPR affects EVERYONE!

The common myth is that data protection is only for the big boys and one-man bands do not need to worry about it. Wrong! GDPR is a new, European-wide law or directive that replaces the Data Protection Act 1998 in the UK. It is about putting people first and respecting their rights and it comes into effect on 25 May 2018.

GDPR applies to any ‘personal data’ (any information relating to an identifiable person). For example, a name, IP address, phone number etc. The directive applies to adults and children and also it is regardless of whether your customers are consumers, individuals or businesses.

How can you protect your mailing list from GDPR?

I have always said that the best practice when email marketing and building a database is to never add anyone onto your database automatically, unless you have their consent or permission first.

This best practice applies whether your customers or clients are consumers (B2C) or businesses (B2B). You must always give the customer the option to unsubscribe.

However, regardless of whether you have or haven’t walked this straight line of building your database, what should you be doing before May to be compliant – and protect your mailing list from GDPR?

Start using double opt-in forms

If you can demonstrate that all the marketing material you have used to gain sign ups to date was double opt-in, then you don’t need to do any more work on this. If not, you’ll need to ask your database to re-sign-up to continue to keep receiving mass emails from you or your company.

Email marketing tools like Drip have simple sign up forms for double opt-in which can create and send links to your database. Using these it only takes a minute for your subscribers to re-sign up and give their consent. It’s all automated and all trackable, so you are covered in the event on an audit.

This signing up process isn’t a one-off exercise, however; it should be repeated regularly (the exact frequency I believe is still to be determined).

Hopefully, if you have a loyal and engaged audience, most will sign up and then you are good to go. (Please also note that assuming a pre-ticked opt-in/tick box will not be acceptable after May – you won’t be able to auto sign up and assume the receiver will untick.)

Can you still market to existing customers?

There is an argument about ‘legitimate interest’ and how this may get around being able to keep contacting your database.

This is a woolly area still but basically it argues for marketers and business owners that if a contact is a past customer or current one or has some genuine link to your business, they can still be marketed to. I would recommend you start following the ICO to keep up to speed before acting on this.

So, you have set up a sign-up form on Drip (or your equivalent software), and you have emailed this out to your current database. Don’t despair if not everyone signs-up – some won’t and this is fine. To me, it is better to have 100 contacts signed up that all read, click and engage in your content rather than 500 who never open an email. It is easy to get obsessed by the numbers though.

Want to grow your list (WITH double opt-in)? Discover the REAL art of list-building – and how to build yours. And here’s how to stop people unsubscribing from your list.

How to re-engage customers who don’t respond

So how can you engage customers in addition to using the traditional database and email marketing route? Given GDPR and its limitations on us going forward, what else can you do to engage and grow?

Firstly, try and be positive about this. See this as an excuse to get in touch with them by phone or a meeting to engage them and catch up. You could consider:

Consider telemarketing to boost sign ups or chase non-responders. This could be done using an expert or yourself at home or in the office. By making these calls you never know where this may lead!
You could find and follow the contacts on your various social media profiles to keep connected. Then you could message them as well as posting general content to them and everyone else to engage them and draw them in.
You could invite them to a meeting or networking event you are attending.

Basically, all is not lost. Be inventive and innovative, but stay be on the right of the data protection laws and regulations. Good luck!

Pinpoint Marketing offers packages covering planning, email marketing and social media. Find out how they can help.

Photo by Brooke Cagle

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Advertisement".
cookielawinfo-checkbox-analytics	1 year	This cookies is set by GDPR Cookie Consent WordPress Plugin. The cookie is used to remember the user consent for the cookies under the category "Analytics".
cookielawinfo-checkbox-necessary	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Others".
cookielawinfo-checkbox-performance	1 year	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	1 year	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
__utma	2 years	This cookie is set by Google Analytics and is used to distinguish users and sessions. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmb	30 minutes	The cookie is set by Google Analytics. The cookie is used to determine new sessions/visits. The cookie is created when the JavaScript library executes and there are no existing __utma cookies. The cookie is updated every time data is sent to Google Analytics.
__utmc	session	The cookie is set by Google Analytics and is deleted when the user closes the browser. The cookie is not used by ga.js. The cookie is used to enable interoperability with urchin.js which is an older version of Google analytics and used in conjunction with the __utmb cookie to determine new sessions/visits.
__utmt	10 minutes	The cookie is set by Google Analytics and is used to throttle request rate.
__utmz	6 months	This cookie is set by Google analytics and is used to store the traffic source or campaign through which the visitor reached your site.

Cookie	Duration	Description
CONSENT	16 years 5 months 19 days 13 hours 20 minutes	These cookies are set via embedded youtube-videos. They register anonymous statistical data on for example how many times the video is displayed and what settings are used for playback.No sensitive data is collected unless you log in to your google account, in that case your choices are linked with your account, for example if you click “like” on a video.
vuid	2 years	This domain of this cookie is owned by Vimeo. This cookie is used by vimeo to collect tracking information. It sets a unique ID to embed videos to the website.
_ga	2 years	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, campaign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assign a randomly generated number to identify unique visitors.
_gat_gtag_UA_39226696_1	1 minute	This cookie is set by Google and is used to distinguish users.
_gid	1 day	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the website is doing. The data collected including the number visitors, the source where they have come from, and the pages visted in an anonymous form.
_omappvp	11 years	The cookie is set to identify new vs returning users. The cookie is used in conjunction with _omappvs cookie to determine whether a user is new or returning.
_omappvs	20 minutes	The cookie is used to in conjunction with the _omappvp cookies. If the cookies are set, the user is a returning user. If neither of the cookies are set, the user is a new user.

Cookie	Duration	Description
centerVisitorId	7978 years 5 months 19 days 13 hours 11 minutes	This is a HTTP cookie used to track the individual sessions on the website. It helps the website to compile statistical data from multiple visits. This data is used for lead generation as a part of marketing purpose.
fr	3 months	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	1 year 24 days	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
NID	6 months	This cookie is used to a profile based on user's interest and display personalized ads to the users.
test_cookie	15 minutes	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the user's browser supports cookies.
VISITOR_INFO1_LIVE	5 months 27 days	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	session	This cookies is set by Youtube and is used to track the views of embedded videos.
_fbp	3 months	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.

Cookie	Duration	Description
cookielawinfo-checkbox-functional	1 year	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
view.ga79y7i4H2VjMus2eRJYqN.4ewaiz7cYMLxo2Fdorod4k	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.5659118702428160	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.5kjS2nejq2YcnYdvBnXie6	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.6M3TmeJYUdaXk4bFFoEsPB	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.AcqHN2Jx4LPTHTaVuvgpj7	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.az9ENbabTdjyzXZhvGZLsH	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.BfndspJeShXfBzLLV9vgf6	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.dExRyANhGorUfWBK88b8He	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.DLQVxHBCjsB8dSGzMQHEG8	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.ecCiQ7LhtWkSkJ7TaZBNeg	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.FQVDyuAXgSZP6EjzQVc8vZ	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.gm24Y7zkcqfXLnVYsG45ua	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.Jngw8VouAHPooyWULt96v8	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.JUp6DgKPEh2GnAKP6Hic9a	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.oXoiDpd347fYcUzoEogUp3	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.PxByyBFy44UYvo87EnhdAT	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.pXcNDvRdAUByFqYPw6mShD	1 day	No description
view.ga79y7i4H2VjMus2eRJYqN.QdALHubScinNuHaMzo6r4T	1 day	No description
yt-remote-connected-devices	never	No description available.
yt-remote-device-id	never	No description available.
_drip_client_6898597	2 years	No description
_drip_visitor_6898597	2 years	No description