GPDR: Questions and Answers

GPDR: Questions and Answers

  1. What is a double opt-in and why do I have to do it?

Double opt-in is essentially a process designed to prove that the person you are emailing has agreed to your communications. For example, a data subject fills out their details on a web page and then the company emails that person to confirm the details are theirs, that they are accurate and that they want to opt-in.
You have to apply this double opt-in process as GDPR states that you must have a proven record that any data subject you contact has given you permission to contact them via their details. If you rely purely on a single opt-in process, it would be possible for anyone to type in another person’s email address, without subsequent confirmation. It’s essentially a ‘double-check’ process to ensure data is not misused.

  1. Can I still market to my customers?

For now, of course. However, once GDPR comes into effect, we are taking the stance that even your customers should have to double opt-in to your communications. This is because GDPR currently states that all EU data subjects must give consent to your marketing communications.
However, you will still be allowed to send service, maintenance and transactional emails.

  1. How do I prove that someone has opted-in? 

At Give the Dog a Bone we will be using our Marketing Automation Software. This process means that after someone has filled out a form, they are sent an email asking them to complete the opt-in process. We can then capture the details of their opt-in statement, including

  • Date
  • Time
  • Source
  • Consent statement

This provides a verifiable account of what each contact has given consent to save in our system.

At the time the data subject opts-in. This way we have a provable account of what each contact has given consent to save in our system. 

  1. How do we get people to opt-in? 

There are different opt-in approaches for different audiences. For example, for new website visitors, you might choose to use a pop-up form on your website. For your engaged data, you might ask them to opt-in before they download an asset on your website or sign up to your mailing list. For your customers, you might simply send them an email series asking them to opt-in.
However, to see the highest opt-in rates, offer valuable content in exchange for their opt-in consent. For example, offer an asset or promotion for new prospects or the latest offers and upgrades for customers.

  1. Can we email cold purchased data lists? 

For now, yes. However, once GDPR comes into force on May 25th you may not be able to. Data providers are currently researching telephone verified opted-in lists. The likelihood is that these lists will come at a higher cost post-GDPR. We’d recommend buying top-target lists now and opting-in as much data as you can until May 2018.

  1. What do we have to do after GDPR comes into effect?

Once GDPR is in effect from 25th May 2018 you are going to have to ensure you are only marketing to those who have opted-in to your communications! Otherwise, you risk exposure to a fine that could amount to as much as 4% of your company’s annual turnover.
To make sure new prospects are still opting-in to your communications after May 2018, use inbound channels such as social media and PPC to send leads to form fill areas. Having good, valuable content and offers that people will want to download is essential to getting more people to opt-in to your marketing. Email marketing, in turn, will become a lead nurture tool rather than a lead generation tool once GDPR comes into force.

For more information please call us on 01565 740165 or alternatively email