GDPR compliance is that (frustrating) new thing showing up over and over again in your email inbox! Maybe you’ve recently been inundated with notifications from people whose newsletter you’ve subscribed to? Or, perhaps, your favorite brands – whose freemiums you once opted in for – are now sending emails suggesting you need to opt in AGAIN. What?! Well, dear online entrepreneur, this new wave of communication is all about updated privacy policies known as GDPR guidelines. And you need to know how to be in compliance.
Let’s do a brief history lesson on what GDPR compliance actually is…
The European Union’s General Data Protection Regulation (GDPR) is a new regulation, and it only applies in the European Union. It is intended to give EU citizens and residents more control over their data. So, it’s not actually a United States regulation. But it will affect United States businesses – which is probably why you’re getting all of these notifications about privacy policies.
Generally, when you ask customers to sign up for something, you might require a name and email address. But, this isn’t just about email marketing. It covers all of the different kinds of ways you might use data in your business.
GDPR is intended to give you – the customer – more control over how other people use your personal information. This is why it has all these new rules for you – the business – handling anyone’s information.
Look, if you’re like the majority of online or e-commerce businesses, you’re going to touch a lot of people in the EU and the UK. Hence, this very much applies to us here in America.
Okay, what do we need to do in order to be in compliance?
The first thing: Audit your business.
Review whatever apps and other technology you’re using in your business. Pull out your credit card statement and look at all those recurring payments you’re making every month.
Do you have plugins on your website that handle other people’s data? If you’re doing one-on-one services with clients, are you using a service that does on-boarding and sends intake forms?
You just need to really look at how you’re handling other people’s data across your entire business.
The second thing: Make sure vendors are GDPR compliant.
See, if you’re handling someone’s data and you send it to one of these apps, or vendors, YOU’RE responsible if there’s a data breach. Like, someone’s social security number getting posted on the internet. Yikes.
The third thing: Affirmative consent.
There are some changes to those opt-in forms we’re all using to collect people’s email addresses.
I’ll understand your need to momentarily freak out over this one…
In short, the GDPR has revised its rules to require that you get affirmative consent from any prospective customer / subscriber. That means you are going to need to tell people exactly what they’re signing up for and get them to say, “Yes, I want to sign up for this.”
A popular example of the old bait and switch most of us used to do: “Give me your email, and I’ll send you this great checklist!”
Then what happens? In no time, you’re sending them tons of marketing emails. Well, not anymore!
With this updated rule, you’re going to have to employ a double opt-in.
I bet you’re curious as to what, exactly, to include in this affirmative consent, right? And how to best utilize a newly required double opt-in?
In this crazy hot podcast interview with Autumn Witt (a lawyer and expert on these topics), you’ll hear us break down all the above, plus:
- What is the subtle workaround for this new policy?
- How to stay in compliance with your existing email subscribers!
- Suggestions on doing a re-engagement campaign!
- What you should do if you want to comply & be 100% on the right side of everything!
Honestly, it’s a crucial episode for any entrepreneur with an online or e-commerce business! Listen NOW and be one of the first to master this important new email game!