They say time flies when you are having fun. Well, GDPR wasn't exactly fun, but the year did fly by quickly. So what has happened?
GDPR was one of the most discussed topics of 2018. Last May, it was searched for more times than Beyoncé and Kim Kardashian, so it must be important!
While GDPR attracted a lot of criticism from larger companies with concerns that it would destroy the digital ecosystem, the real worry was how it would affect everyday small businesses who simply wanted to send emails to their customers.
For many, these four letters may have appeared in a nightmare or two.
A year has passed and it turns out that GDPR did not have the catastrophic effects that people thought it would. In many ways, GDPR helped email marketing more than it hurt it.
Here’s a quick recap of what happened and what it means for your email marketing.
GDPR was publicly announced two years before its implementation, yet most people ignored it until a few weeks/days before the deadline. Considering the huge scope and complexity of GDPR, this mass procrastination caused a frenzy and state of confusion for businesses, lawyers, and even data protection experts.
“Procrastinate now, don't put it off.” ― Ellen DeGeneres
The 2018 GDPR Compliance Report revealed that only 40 percent of organizations were GDPR compliant by the May 2018 deadline.
Despite the confusion and criticism, GDPR at its core is a good thing for everyone. Technology has transformed our lives for the better, and a driver behind the power of the information age is your personal data.
It’s been 25 years since lawmakers drafted new data protection legislation. A lot has changed since 1995.
Today, your data is a valuable asset that you willingly trade for products and services. It needs to be protected accordingly. You probably wouldn’t give your car keys to a stranger without a proper agreement. It’s the same with your data.
GDPR ensures that everyone, as an owner of his/her unique data, has appropriate rights that others must respect. Luckily for email marketers, when you respect people’s personal data, your results will flourish.
For some reason, everyone thought that GDPR would kill email marketing by depleting their email list and making it nearly impossible to find new subscribers. Did you feel that way?
Let’s be honest, your email list probably did get shorter after you implemented the GDPR opt-in process. But a shorter list doesn’t mean your list suffered. The people that remained are your loyal audience. They are the ones who will open your emails and click through to your content.
GDPR forced people to clean up their email list, which resulted in better email performance.
Everyone must build their list the right way by obtaining explicit consent. Now that there is a standard to follow, the number of email abusers will continue to decrease. As email marketing practices improve across the board, the sweet converting power will increase as well.
While your email effectiveness is sure to increase, GDPR is not without its challenges. One area of change that causes the biggest trouble is in collecting and storing subscriber consent.
GDPR raised the bar with specific requirements for the collection of consent, including:
Another source of confusion revolves around adhering to the various data rights such as portability, access, right to be forgotten, etc. To help you solve these requirements, MailerLite developed several new GDPR tools to manage your subscribers’ data.
According to EU statistics, email marketing is one of the top sources of GDPR complaints. To help you avoid complaints, here are the keys to managing a compliant email marketing operation.
Remember, checkboxes are not a requirement if you need consent for one purpose. You also don’t need to add a checkbox for a free giveaway. Just make sure you explicitly explain that the lead magnet is offered in exchange for joining the email list. Checkboxes are necessary when you need consent for two or more separate things, such as a newsletter and advertising. If you want more information, here’s a whole article dedicated to GDPR opt-in forms.
Never ignore your subscribers' requests. Respect their rights, which includes having a process to address and respond to their inquiries.
Keep in mind that you must clearly state which 3rd party providers you use for email marketing as well as any other business processes.
European data protection agencies have issued fines amounting to 56 million EUR for GDPR breaches since regulations began to be enforced last May.
Google was hardest hit with a record 50 million EUR, which shook the whole data protection community. France’s data protection regulator (CNIL) found that Google violated the GDPR in two ways: by excessively disseminating essential information and by describing its data processing activities in a manner that was “too generic and vague”.
They were in breach of the GDPR requirement for transparency. They also failed to obtain a valid legal basis for processing personal data for ad personalization, which violates the GDPR requirements for specific and unambiguous consent for all forms of personal data processing.
This is not the first GDPR fine, but it’s by far the most significant. There have been other, smaller cases across various industries. In December, a Portuguese hospital was fined 400,000 EUR after its staff used bogus accounts to access patient records, and a German social network operator “Knuddels.de” was fined 20,000 EUR for storing social media passwords in plain text.
The European Commission has published an interesting infographic taking a closer look at compliance, enforcement, and awareness of GDPR. Here are some numbers that stuck out:
Wait, why are we thanking GDPR? As it turned out, GDPR didn't kill email marketing. We believe that it helped many of you create more effective email campaigns.
By respecting your subscribers and providing value with every email you send, GDPR delivers that extra layer of awareness to help you remember that your subscribers are not just a number – they are people with rights.
People own their data. When you agree to treat them and their data like you would want others to treat you and yours, good things happen.
As always, MailerLite is here for you to help answer questions and navigate GDPR for email marketing.
If you missed our other GDPR-related articles and videos, here they are:
Hi, my name is Marta, legal counsel at MailerLite. As a legal professional, it’s my job to ensure we’re always following the rules, especially regarding GDPR compliance. To blow off steam, I enjoy kickboxing. I call my punching bag “Mr. GDPR,” and boy do I get a good workout.