GDPR Compliance - Opt-in or Opt-out

yellow hen

Bob24 wrote: »

Btw maybe a stupid question but didn’t you gather consent from the people in your mailing list in the past for the purpose of sending them these emails? If you had them provide explicit consent in the past you don’t need to do it again just because GDPR is comming into enforcement. GDPR doesn’t void previous consent as long as it was given explicitly and it’s only if you didn’t ask for explicit consent before that you need to do it now.

Not a stupid question at all. Anyone who ever attended an event with us would de facto be added to the mailing list. Not explicit consent therefore.

I appreciate the advice and we're going to pursue an opt-in approach even though it is likely to hugely effect our reach across the country.

Bob24

yellow hen wrote: »

Not a stupid question at all. Anyone who ever attended an event with us would de facto be added to the mailing list. Not explicit consent therefore.

I appreciate the advice and we're going to pursue an opt-in approach even though it is likely to hugely effect our reach across the country.

My advice would be to word it as a yes/no question like “Would you like to keep receiving our email updates?” with a yes button and a no button.

In practice regardless of people ignoring your email or clicking on the no button the outcome is the same and you have to remove them from your list, but psychologically having one button for each choice might get people to feel they have to act on the email and click on one of those buttons.

(If you ask them “Please let us know if you would like to keep receiving our updates” and only have one button for them to resubscribe, you might get less replies as people might be more inclined to feel they can leave it for later and worst case the default choice will apply)

Just my too cents although I am an IT person and not a psychologist!

Glass fused light

Bob24 wrote: »

My advice would be to word it as a yes/no question like “Would you like to keep receiving our email updates?” with a yes button and a no button.

In practice regardless of people ignoring your email or clicking on the no button the outcome is the same and you have to remove them from your list, but psychologically having one button for each choice might get people to feel they have to act on the email and click on one of those buttons.

(If you ask them “Please let us know if you would like to keep receiving our updates” and only have one button for them to resubscribe, you might get less replies as people might be more inclined to feel they can leave it for later and worst case the default choice will apply)

Just my too cents although I am an IT person and not a psychologist!

Good ideas on the buttons but can I be very pedantic and recomend the use of the term database and remove the word email, otherwise you may end up with excess data or using it without full consent.

Would you like to remain in our database and keep receiving our email updates?”

ED E

Emails coming in like the below suggest opt in is the way to go:

Let us know if you ever want to hear from us again

ablelocks

Glass fused light wrote: »

Good ideas on the buttons but can I be very pedantic and recomend the use of the term database and remove the word email, otherwise you may end up with excess data or using it without full consent.

Would you like to remain in our database and keep receiving our email updates?”

But you also have to explicitly state what you are going to use the data for - so if it's for email contact you have to state that. Or text or social media etc etc etc.

getting existing customers explicit opt-in is going to be difficult. I've probably responded to about 1 in 5 of the emails I'm getting.

Glass fused light

ablelocks wrote: »

But you also have to explicitly state what you are going to use the data for - so if it's for email contact you have to state that. Or text or social media etc etc etc.

getting existing customers explicit opt-in is going to be difficult. I've probably responded to about 1 in 5 of the emails I'm getting.

Yes, read my post ( #26 ) on what i suggested the email should contain re collection and use/processing. The danger is if you have data eg donation record, a phone number, physical address, contact records from prior events etc your not getting explicit to hold this only their email address.

Its hard to get customer to act, (my bank wrote to me maybe 4 times threatening to impound my money unless I supplied AML and could still be writing to me except that I was asked in person at the counter.) that's why I suggested the physical mail shot if it's economically viable.


I think the biggest problem any small organisation will have at this stage is the tight turnaround time needed to comply. Most organisations which have been proactive in the data protection space would have adopted an opt-in under the current regime

boege

Data protection has been around for a while now. GDPR is essentially increasingly the rights afforded to the the public on controlling how organisations can legally mange any of their personal information.

The 'right to opt-out' was a feature of previous data protection legislation. Often seen as an 'unsubscribe' link at the bottom of a lot of marketing emails.

'Opt-in' or 'explicit consent' is one of the big changes being introduced under GDPR. My understanding is that Opt-out will remain as a 'right to withdraw consent'.

Opt-in by way of email consent also needs to be separate. Never bundle consent with your terms and conditions, privacy notices, or any of your services, unless email consent is necessary to complete that service.

If you are in the email marketing business you really need to be on top of GDPR as it has direct impact on marketing practices.