If you read the heading thinking "What the heck is this GDPR?", this is your wake-up call! You know how everyone tells you, you need an Email list to start making money online? Growing this list is likely becoming more difficult with the GDPR 2018 in place.
GDPR 2018 – End of the Celebrated Opt-in Freebie?
If you are a blogger, online solopreneur or online business owner who builds their Email list by offering an opt-in freebie aka lead magnet in exchange for Email addresses – the new General Data Protection Regulation (GDPR) is something you’ll have to start paying attention to.
And my guess is, you won’t like what you are about to hear… Neither did I! I had just spent a few weeks figuring out what freebie to offer to get subscribers to my Email list when I came across the new law. And now I have to change my strategy again. Bummer! To save you from making the same mistake I made, I’ll give you a quick summary of the key points of these new regulations and explain what they mean for your opt-in freebie.
*Disclaimer: I’m not a lawyer and any information given in this post is not intended, and should not be taken, as legal advice. If you are unsure of what the new General Data Protection Regulations mean for your business specifically, please contact your attorney for advice.*
Disclosure: This post contains affiliate links. This means when you purchase something through links marked as affiliate links (affiliate links are marked by an asterisk), I may receive a small commission at no extra cost to you. All opinions expressed here are my own and I only recommend products and services that I personally love!
The General Data Protection Regulation 2018 (GDPR)
The new General Data Protection Regulation, or GDPR for short, comes into effect on May 25th, 2018 and replaces the former Data Protection Directive 95/46/EC. It aims to provide a standardized basis for data privacy across Europe.
Europe? Did I just hear you sigh with relief because you are not based in Europe? Not so fast my dear! This concerns everyone who processes personal data from EU citizens. So you might be based in the US, but have EU citizens on your mailing list, then you’ll still have to make sure you meet the new GDPR requirements (extra-territorial applicability of the GDPR 2018).
No, swearing won’t help… And burying your head in the sand is not an option either since the fines are astronomical: Fines could theoretically be as high as 4% of annual global turnover or €20 Million (whichever is higher). Granted, there is a tiered approach and those are the maximum fines, but you could still face some hefty penalties. So unless you have that kind of money lying around, I suggest we have a closer look at those GDPR 2018 requirements, shall we?
Consent Under GDPR 2018
To be compliant with the new law, you need consent from your website visitor to collect their Email addresses and use them for your online marketing campaigns. This consent under GDPR 2018 must meet higher standards than before:
Article 4, Recital 32: Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her (…). Silence, pre-ticked boxes or inactivity should not therefore constitute consent.
What does GDPR 2018 Mean for Building your Email List?
What does this mean for you? From what I understand, the times of easy sign-up-friendly forms with nothing but the request for some sort of personal data (most often a name and an Email address) are gone. There is much more, that will have to go on these forms now:
- You will now have to state very clearly what someone is going to sign up for. In case of a newsletter, for example, you should include how often subscribers can expect to hear from you. Moreover, what your Emails will include.
- Are you going to pitch your products or services to your subscribers (who doesn’t??)? You should tell them on the sign-up form and get their consent for doing so.
- You should also link to your data security statement and let your potential subscriber read and accept your Ts&Cs.
- Furthermore, make it easy for them to unsubscribe from your list and tell them how to do so.
- Obviously, any kind of pre-ticked consent boxes are a no-no from now on, as consent is not actively given.
This is my modified (hopefully!) GDPR compliant newsletter subscription form to give you an idea of what this could look like:
See how I put those five points into action? I have to admit, from a psychology and design point of view, this makes me cringe… While I absolutely agree that data protection and transparency are very important and need to be improved, I think the way it’s handled now affects user experience.
Giving your potential subscriber so much more to do before they can finally subscribe to your list, is likely going to negatively impact your Email list growth. People are looking for easy options. If something involves too much effort, they might reconsider and not do it at all.
There is an upside to this though. The people who do sign up are more likely to be engaged and excited to hear from you. Which really is a great thing, when you think about it. You don’t need a big Email list with lots of unengaged people on it. You might actually be better off with a smaller but more engaged list. *There is hope!*
What Does GDPR 2018 Mean for your Opt-In Strategy?
Ok, by now you might have grudgingly accepted to modify your sign-up form and hope for the best. Brace yourself, there is another BIG issue concerning your Email list building strategy. Are you offering a downloadable opt-in freebie/lead magnet in order to convert website visitors into subscribers? Oh oh.
Article 7: When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.
In plain English, that means Email consent must not be bundled with anything you offer unless it directly requires the Email address. For example, if you are offering an Email course, this obviously requires you to collect an Email address in order to deliver what people sign up for.
If you offer a swipe file/eBook/PDF/template, however, you don’t need to collect an Email address to deliver this offer. Therefore, you are not allowed to use the “download-xyz-in-exchange-for-your-Email-address-approach” anymore. This will affect a lot of bloggers and small online business owners. If you are one of them, you need a new strategy.
Adjusting your Opt-In Strategy to be GDPR 2018 compliant
Ok, one way to go about this is something I already mentioned: Creating an offer that requires collecting Email addresses to deliver your offer. Like an Email course or a challenge. Keep in mind though, you can’t just keep Emailing those who subscribed to that offer, once it has ended. You can, however, ask them to subscribe to your Email list at the end of your course/challenge. If they liked what you offered, chances are they will want to stay on your list.
There is another possibility that requires less work on your part, but might also be less effective. If you don’t want to change your freebie, you can still offer the download as is. You are just not allowed to collect Email addresses in exchange for the download. But you can offer the option to join your Emailing list when they download your freebie. Handing over their Email address must be optional. Of course, there will be people downloading your freebie without giving you their Email address. Then again, if they love your freebie, they might want to be on your list and subscribe.
GDPR 2018 Conclusions
I think for now I’m going with the second option for the free online business guide that I’m offering. What about you? How are you going to make sure that your free offers and Email opt-ins are meeting the new GDPR 2018 requirements? Are there more strategies that I’m not aware of? If so, please share them in the comments to help others! And if you found this post helpful, don’t forget to pin and share it! You are the best. 🙂
Just to make one thing crystal clear: Email consent is not the only point you need to address to be compliant. There is a whole lot more involved to get your business up to standard. So don’t forget to have a closer look at those regulations.
More Ressources to Help you With GDPR 2018
There is a great General Data Protection Regulation Checklist that you can download and use to help you with GDPR 2018 compliance. I also found this free GDRP plugin that can help you meet the new obligations and rights.
As I said above, adjusting your opt-in strategy is just one step to become GDPR compliant. If you would like to learn more and are someone who prefers to learn from video, check out this Skillshare* class taught by Robert Sullivan. Has worked with the UK Prime Minister, Cabinet Ministers, and has taught at a large number of international Business Schools. This guy knows what he is talking about. He’s not some blogger trying to make sense of the new regulations, he has an impressive academic background and lots of experience. I went through his course and even though, I found it a bit tedious at times (legal things just don’t really excite me that much…), I found it very informative and I think it offers a good overview over what’s required under GDPR 2018.
In case you haven’t joined Skillshare yet – it’s an online learning community that offers access to over 21,000 classes on various topics from GDPR to graphic design and (almost) everything in between. I’m excited to offer you a two months FREE trial of Skillshare Premium (normally $10/month) if you use my affiliate link above. 🙂 Two months should be plenty of time to go through Robert Sullivan’s course and a lot of other interesting courses that you’ll discover. Give it a go!
What’s your opinion on the new GDPR 2018? Is it a good thing or do you think they are going a bit overboard with all these new requirements? I’d love to hear your thoughts on this! Do you think it’s going to impact your business?
As always, happy experimenting!