If you read the heading thinking "What the heck is this GDPR?", this is your wake-up call! You know how everyone tells you, you need an Email list to start making money online? Growing this list is likely becoming more difficult with the GDPR 2018 in place.
GDPR 2018 – End of the Celebrated Opt-in Freebie
If you are a blogger, online solopreneur or online business owner who builds their Email list by offering an opt-in freebie aka lead magnet in exchange for Email addresses – the new General Data Protection Regulation (GDPR) is something you’ll have to start paying attention to.
And my guess is, you won’t like what you are about to hear… Neither did I! I had just spent a few weeks figuring out what freebie to offer to get subscribers to my Email list when I came across the new law. And now I have to change my strategy again. Bummer! To save you from making the same mistake I made, I’ll give you a quick summary of the key points of these new regulations and explain what they mean for your opt-in freebie.
*Disclaimer: I’m not a lawyer and any information given in this post is not intended, and should not be taken, as legal advice. If you are unsure of what the new General Data Protection Regulations mean for your business specifically, please contact your attorney for advice.*
Disclosure: This post contains affiliate links. This means when you purchase something through links marked as affiliate links (affiliate links are marked by an asterisk), I may receive a small commission at no extra cost to you. All opinions expressed here are my own and I only recommend products and services that I personally love!
The General Data Protection Regulation 2018 (GDPR)
The new General Data Protection Regulation, or GDPR for short, comes into effect on May 25th, 2018 and replaces the former Data Protection Directive 95/46/EC. It aims to provide a standardized basis for data privacy across Europe.
Europe? Did I just hear you sigh with relief because you are not based in Europe? Not so fast my dear! This concerns everyone who processes personal data from EU citizens. So you might be based in the US, but have EU citizens on your mailing list, then you’ll still have to make sure you meet the new GDPR requirements (extra-territorial applicability of the GDPR 2018).
No, swearing won’t help… And burying your head in the sand is not an option either since the fines are astronomical: Fines could theoretically be as high as 4% of annual global turnover or €20 Million (whichever is higher). Granted, there is a tiered approach and those are the maximum fines, but you could still face some hefty penalties. So unless you have that kind of money lying around, I suggest we have a closer look at those GDPR 2018 requirements, shall we?
Consent Under GDPR 2018
To be compliant with the new law, you need consent from your website visitor to collect their Email addresses and use them for your online marketing campaigns. This consent under GDPR 2018 must meet higher standards than before:
Article 4, Recital 32: Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her (…). Silence, pre-ticked boxes or inactivity should not therefore constitute consent.
What does GDPR 2018 Mean for Building your Email List?
What does this mean for you? From what I understand, the times of easy sign-up-friendly forms with nothing but the request for some sort of personal data (most often a name and an Email address) are gone. There is much more, that will have to go on these forms now:
- You will now have to state very clearly what someone is going to sign up for. In case of a newsletter, for example, you should include how often subscribers can expect to hear from you. Moreover, what your Emails will include.
- Are you going to pitch your products or services to your subscribers (who doesn’t??)? You should tell them on the sign-up form and get their consent for doing so.
- You should also link to your data security statement and let your potential subscriber read and accept your Ts&Cs.
- Furthermore, make it easy for them to unsubscribe from your list and tell them how to do so.
- Obviously, any kind of pre-ticked consent boxes are a no-no from now on, as consent is not actively given.
This is my modified (hopefully!) GDPR compliant newsletter subscription form to give you an idea of what this could look like: