When I got back from the Social Media Marketing World Conference I had so many messages from people asking me what I knew about GDPR – the new rules around data protection coming into use on May 25th and at first I was like “yeah you don’t need to worry about it, as long as you are using third party apps like Mailchimp and Aweber to collect and look after your data you are fine.”
However, I did say that I would delve a little deeper, and so that’s what I’ve been doing this week.
It is a bit more complicated than I first thought but the most important thing is NOT to let it stop you doing what you’re doing and growing your email list and your business.
Before I get down to the nitty gritty I have to say I am not by any stretch of the imagination a GDPR specialist. But here’s what I understand…..
First up, Data Protector legislation, has already been in existence for years, and 90% of it will remain unchanged so we’ve already been working under most of the rules in all that time.
However, because of the sudden change in social media over the last decade and the way people market nowadays the Information Commission’s Officer is overseeing some new changes that make up about 10% of the regulation and it’s all being done to protect the man in the street, us, in effect.
You might have noticed that with all the new technology over the last ten years we are getting an awful lot more ads and emails showing up. This new and updated regulation will make sure we are not spammed and that we give our explicit consent. On the flip side it means that when we are marketing we have to be really upfront about what we are doing and get our customers’ explicit consent too. No more blanket adding people to your lists.
With me so far?
Ok, so as far as I can tell it affects 3 main areas of our business. And before you say you don’t count because you are a one man band let me inform you that this new GDPR Regulation applies to every business no matter how big or small.
The 3 areas are these.
Advertising especially using Facebook Pixels and retargeting ads.
Let’s start with the easiest one to solve.
1: Your website.
They have always been full of legal jargon in the past and one of the new rules is that they are in plain English so they can be understood and that they point out clearly who you are and how you intend to use people’s data. Now they want some extra details in like how long you will keep their data, your lawful reason for processing their data and who they should complain to if they’re not happy.
And finally, it pays to have an https site for extra security.
This is where the lines get a little blurred for me. In a nutshell it looks like you can still offer people a “freebie” and get them onto your email list BUT if you then want to add them to a newsletter they would have to opt in with another checkbox.
It looks like whatever you are giving with your Freebie you can only give that and nothing else. For example, if they sign up for a free detox you cannot then email them about your bootcamp or event, they would have to opt in separately for that.
This is a bit of a nightmare because we are going to start seeing opt in boxes with a list of options. So it will say things like Sign up for my Free Gift, newsletter, general marketing, my retreats etc etc and I wonder how many will just tick the free gift box?
The other problem is that a lot of the service providers we use to gather our email data are American and GDPR is a European thing and so they have been a little slow off the mark preparing for the changes. I spoke to Aweber yesterday and they told me they would be ready later this year but the changes come into effect May 25th and I’m about to create a whole new set of opt ins so that doesn’t really help me.
Mailchimp seem a bit more on the ball and have created a handy guide for you.
The other problem you may have with your email lists is if you have not been upfront with people who you have already added onto your list. So if you got them with a freebie, did you then tell them they would receive your weekly newsletter as well?
Also, have they opted in properly to your database or have you just added them without their consent?
So you’re probably wondering whether you have to contact all of the people on your list already and the short answer is no.
Just concentrate on moving forwards and adding them to your new lists that you create. I’m sure there will be lots more information available as the deadline looms.
The old laws and the new laws are there to protect us and so going forwards you will not get away with any of that in the future. We have to be upfront about what it is they are signing up for and they have to sign up again for additional things.
I’m still researching this and I think we will see some jazzy new opt ins start appearing on the scene so I’ll come back to you on this one and how we can take advantage of it moving forwards.
3: Advertising using retargeting methods.
So this is about having that cookie law on your website to let people know upfront that they are being traced. But another thing to watch out for is if you have used unscrupulous methods to obtain Facebook audiences in the past. Remember when people could scrape groups? Sometimes people just uploaded excel sheets of data straight into the audience section.
If you have ever done anything a bit shady it might be best to delete that audience from your database to be on the safe side.
Remember 90% of this regulation has already been in force for years and we all survived that.
It’s just looking after consumers and being upfront in everything you do. The regulations are being brought in to protect us all and I think there will be changes to the way we do business in the future but more on that another day.
I hope you find this useful and that it has set your mind at rest somewhat and you’d like more helpful articles like this sign up to my blog list where you get all the information first SIGN UP HERE
Yvonne “trying to put this very complicated issue into plain English” Radley.