Both Neil and I have had a lot of questions regarding the new legislation that will soon be enforced, so we thought we should write a blog post telling you everything we know, as well as how to prepare yourself. We may add more posts and make this a series if more questions arise. Please note that we are not lawyers, so we cannot give legal advice; this blog is simply something that you may find useful.
As you may or may not know, from May 2018 the way that personal data is kept is being changed throughout the EU, due to an update in the European GDPR law (General Data Protection Regulation).
The new privacy law will become enforceable on May 25 2018, and businesses that do not conform to it have been warned of large fines. GDPR regulates how a business treats or uses the personal data of European citizens, including businesses located outside of the EU (if they have clients or customers who are European).
Personal data is any piece of information that, used alone or with other information, could identify a person, such as a name, address, email address, telephone number, etc.
If your company holds this kind of information about your clients or customers, you will need to comply with the GDPR law.
The GDPR will replace an older directive on data privacy, Directive 95/46/EC, and it introduces a few important changes that may affect small businesses.
So how will this affect newsletters?
Well, if you have a newsletter and are using MailChimp, then you are holding personal data about your clients or customers, as you are holding their first and last name and email address on your MailChimp account.
This means, according to GDPR, you need to gain the full consent of these clients to hold their details. Without their consent you cannot hold their personal data and will need to give them the chance to completely delete their personal data. Unfortunately, this is not as simple as unsubscribing them, as this does not completely remove all data.
Luckily, this is not as difficult as it may seem. Here is how to request consent with MailChimp.
1. Head over to MailChimp and log in
2. Click on “Lists” from the main menu at the top of the screen
3. Click on the title of your newsletter list
4. Click on “Manage Contacts” in the secondary menu on the list page and select “Groups”
5. Once on the group page click create group.
6. Select radio buttons from the options. Fill in the group category field with something like “I want to stay subscribed to this newsletter and give my consent to my personal data”.
7. Fill in two group names, one that says Yes and one that says No.
8. Click save and then “Done for Now” on the next page
9. Head over to campaigns and create a new email. Name the campaign something that lets your subscribers know what you are requesting from them.
10. Fill out the campaign details as you usually would
11. Choose your usual email template
12. In the body of your email, let your subscribers know what is happening. I suggest you tell them that if they choose “No” they will have their personal data and subscription deleted in 3 days, and that if they don’t reply they will also have their data removed within 5 days, as without consent you cannot keep the data. You don’t need to be overly technical; keep it plain and simple so that they understand what they need to do and why.
13. Create a link and paste into the “Web Address” area the following code –
This will create a link in the newsletter where people can update their profile in a web page created by MailChimp as well as deny or grant their consent.
14. Here is a mock-up, for your reference, of how our own came out
15. Send out the campaign and wait the time you stated. Then head into MailChimp again. Anyone who responded either way will now be seen under List > Your List Name > Manage Contacts > Groups > click “View Groups” next to the name of the group you created earlier.
16. Here you will see that your subscribers have been grouped according to their answer. Now simply delete everyone in the “No” group.
17. If you aren’t sure how to delete contacts – here is a helpful guide from MailChimp.
What about going forward?
This is easier. MailChimp had removed the double opt-in procedure as a standard; however, they have announced that they will be keeping it for all European accounts. Double opt-in is a procedure where, when someone signs up to your newsletter, they are sent an email asking them to consent to giving their information. If they don’t respond, then no information is processed. This means your newsletter has already received the consent it needs to hold the personal data. You may want to write a little disclaimer in the opt-in email, which you can change in your MailChimp account, so that people are 100% aware. This means, though, that going forward you don’t have to do anything at all.
We hope this has helped you to comply with the new GDPR laws.