Can you still use legacy email marketing lists? - GDPR series

Can you still use legacy email marketing lists? - GDPR series

12th April 2018 in Email Marketing, GDPR

The deadline for GDPR enforcement is only one month away, and the question we’re seeing more and more frequently is: “Can we still use our existing email marketing lists?”

If you’re not sure how the new regulations will affect your current email databases, here are some of the steps you might want to take:

Prior to GDPR enforcement

Ahead of the enforcement deadline (which is 25 May for anyone who is still unaware), get in touch with the people on your current database to inform them of any new information relating to how you process their data.

Hopefully, you should now have an updated, GDPR compliant privacy policy that you can share, and in this contact, be sure to give all email subscribers the opportunity for them object to processing their data for marketing. This opportunity to object must be clearly and prominently displayed, away from any other policies or information (you might also want to take this chance to double check that all of your marketing emails have a clear way to unsubscribe or change email preferences).

Assess your database

As we mentioned in our previous introduction to the GDPR, you will need to revisit your existing database, looking at both active and inactive users, to analyse whether or not you will be able to continue using it.

To ensure GDPR compliance, your database should show the following information:

  • Date the consent was given
  • Segmentation showing the areas of business that they consented to receive information about
  • Reference to how the data was collected e.g. website enquiry form, newsletter signup etc.
  • A ‘Do Not Contact’ list of people who have unsubscribed from receiving your emails

Active subscribers 

When it comes to your active email subscribers, there are a couple of different factors you might want to look at:

  • Provable consent: If you have active email subscribers in your database who have provable “freely given, specific, informed and unambiguous” consent, then you’re in luck! If you can demonstrate that they have given consent that’s in line with GDPR requirements, then no further action is needed and you’re free to continue using their data (unless they unsubscribe, of course).
  • No clear evidence of consent: Alternatively, there may be some people on your database who are active subscribers, but you don’t have any proof that they gave consent to receive your emails. In this case, if they are regularly engaging with your marketing emails (opening them, clicking through to your website etc.) you may be able to use the legal basis of ‘legitimate interests’ to continue using their data.

Side note: If an email is transactional or is considered to be a service message, rather than a marketing message, then you will be okay to send these to your customers.

Inactive subscribers

When it comes to your inactive subscribers (those who haven’t opened or engaged with any of your emails in, let’s say, the past 6 months) you will be unlikely to have any legal basis for continuing to process their data, unless they have given recent consent to receive marketing.

If someone isn’t opening your emails, and you can’t demonstrate an ongoing customer relationship or GDPR compliant consent, they should be removed from your email list and their data should not be used for any further marketing purposes.

Remember that GDPR isn’t being introduced to stop you marketing your business to your customers and prospects, you just need to be aware of how you are collecting, storing and using data to ensure that personal data is processed in a lawful, fair and transparent way.

For more information about the new data protection regulations, you can read the rest of our GDPR series here: https://www.applieddigital.co.uk/blog/tag/GDPR 

Or you can find more information here:
https://ico.org.uk/media/about-the-ico/consultations/2013551/draft-gdpr-consent-guidance-for-consultation-201703.pdf
https://ico.org.uk/for-organisations/guide-to-the-general-data-protection-regulation-gdpr/lawful-basis-for-processing/
https://www.communicatorcorp.com/blog/legacy-email-marketing-lists-the-gdpr-and-eprivacy
https://www.campaignmonitor.com/blog/email-marketing/2018/03/gdpr-what-it-is-how-it-affects-you-what-we-are-doing-to-help/

More from the blog

Gui 2311261 1280

20th February 2018 in SEO, Digital Strategy, Email Marketing, Social media

By Marnie Hartley

How to evaluate your marketing in 2018

Here at Applied, we thought we’d take a look at some of the ways in which you can analyse and evaluate the impact of your digital marketing. 

 Whether you're wanting to find out how to monitor referrals to your site or how to gain more engagement on social media, we’ll be providing you with insights on some great tools and platforms to help you with your marketing in 2018.

Read article chevron_right
What to include in a privacy notice - GDPR series

7th December 2017 in GDPR

By Lucy Adamson

What to include in a privacy notice - GDPR series

With GDPR enforcement just around the corner, businesses across Europe (and the world) are assessing the ways they collect data, and the privacy notices that sit alongside them.

In our summary of GDPR and how it will affect digital marketing, we mention the importance of using privacy notices on your website. So now you know that you need one, we’re ready to delve deeper into what a privacy notice actually is…

Read article chevron_right