'Is This The End?' -- Could GDPR Compliance Be This Simple?

"Is this the end?" It's certainly a subject line that will catch the eye of a consumer scrolling through their inbox seeking out the detritus to delete before taking a look at what might appeal.

It certainly stood out to me at the weekend when Thorntons, the chocolate company, reminded me that I hadn't opened an email in quite a long time. The wording was fun, along the lines that they were hoping this wasn't "it," but if I didn't want to hear from them any more, they'd understand. A bit like a lighthearted break up letter it was hoping would strengthen old bonds rather than lose a subscriber.

We will see an awful lot more of this in the year ahead as brands get ready for GDPR, the European legislation that requires brands to get freely given, informed consent for the uses they intend to put a customer's data to. There's a lot of talk of "consent centres" which consumers will be able to use to tick what they want their data used for and what they don't. So I was surprised that the Thorntons communication I received didn't take me through to a tick-box section but rather just showed me the home page and a couple of offers once I had clicked to go on receiving email.

However, there's an important point here. Maybe that's all it needs to show? If a brand is only going to email a customer, if that's the channel of choice, then what's wrong with giving someone a choice of subscribing or unsubscribing? As far as email is concerned, the brand has proven that I was asked and said "yes." Crucially, the offer to carry on subscribing wasn't linked to any incentive. There was no enticement that i would miss out on if I'd said no which means the brand fully passes the 'free' side of "free and informed" consent.

So maybe this GDPR thing isn't quite so awful after all? Certainly as long as you want to stick to emailing and don't pass any data on to a third party nor use data to inform personalised advertising on another channel, then a simple "do you want to carry on receiving our emails or not" could well be making yourself GDPR-ready.

It's worth remembering that an annual clean-up of lists is actually good email hygiene. Brands will typically get in touch with consumers who have not interacted with any content for a while to see whether it's still relevant to them. Addresses that always bounce can be removed and non-responsive email addresses can be checked before being deleted. This can only help with a brand's email reputation. 

Top advice is to talk to a lawyer about what steps you need to take regarding compliance beyond just an email list. I'm no legal eagle and so am not passing on advice but I'd presume that if you're personalising emails based on behaviour on an app or a Web site, you'll need to be up front about this use of the data, and a simple "Yes" or "No" to more emails will not fully cover you. If you have different lists for very different parts of the business -- perhaps a sister company -- you'll also need to get approval for each use of the data.

However, what Thorntons showed to me on the weekend is that although there are legal considerations behind the process, the consumer-facing decision need not look too daunting if you are limiting data to emailing and have got permission through a simple click to say "Yes." It can ensure that you are in a better place when GDPR comes in, and could improve your online reputation for email which can only be good news for future delivery rates. 

Next story loading loading..