How To Get GDPR Compliant
General Data Protection Regulation (GDPR) is an EU privacy law that went into effect on May 25, 2018.
Even though most email service providers have super helpful GDPR-compliant tools as part of their services, you might still be confused about what to do in your business to make sure that you’re following the GDPR rules and aren’t doing anything that could land you in legal hot water.
If you’ve been wondering…
Can I email my list to find out who lives in the EU (am I actually allowed to ask people that?!)?
Should I just reach out to everyone, or only people I think live in the EU?
Can I just require double opt-in and call it a day? (Hint: no, double opt-in doesn’t have anything to do with GDPR and it doesn’t put you in compliance).
Sit back and relax, because I’ve got your back!
Here are 3 things you can do right away if you haven’t gotten into GDPR compliance yet (either because you put it off for a good long time, OR you’re just starting your business and need to know what to do)…
2. Segment Your List
If you’re a member of The Ultimate Bundle™, then you know that the #1 step to the GDPR is to segment your list. “Segment” means to corral. Ok, maybe not officially. You basically want to use your email service (i.e., ConvertKit, MailChimp, AWeber, etc.) to group those on your email list based on their location.
IF YOU’RE OUTSIDE THE EU: If you can, segment those on your list who are located within the EU or whose location is unknown. You figure out their location data based on what your email service provider tells you. For example, in ConvertKit, I created a new segment on my list called “EU SUBSCRIBERS” and I filtered by “Location: European Union”.
This is super important for those of you who haven’t quite complied with the GDPR yet.
At the very least, and I’m not saying it’s the most “legally legit” thing in the world, segmenting will prevent you from continuing to email EU people whose consent you didn’t get by the deadline in 2018.
For now, just exclude your entire EU segment each time you send an email. Once you get a system in place, you’ll be able to add in those who give you their consent.
3. Add in Consent Tools
Even if you didn’t comply by the May 25th, 2018 deadline, or you’re brand new to the whole email marketing game, you can still make sure that people entering your email list from now on get there the right way.
In case you missed it, the basic gist of the GDPR is to give people an idea of exactly what they’re opting into. That means that the old way of doing this (having someone opt in for your freebie and then adding them to your email list), won’t work anymore for your subscribers based in the EU.
Inside of my Ultimate Bundle™, I include a 3-part GDPR video training where I show you exactly how to do this, and even how I have this setup in my own business.
If you’re outside of the EU and need to set up a system to get EU people’s consent, here are a few ideas:
When possible, add unchecked checkboxes to your opt-in forms, landing pages, etc. that ask people for specific, affirmative consent to receive promotional emails from you in the future. This is PERFECT to use on freebie opt-ins, where you want to add this person to your regular email list or sequence moving forward.
Freebie Delivery Email //
Since you’ve segmented your email list, consider creating a separate email sequence for those people who enter your list who are IN the EU. That way, they still get the freebie delivery email, but you can add a section to that email that asks them for consent to send promotional emails moving forward. You could do by a link that tags them, taking them to a landing page, or sending them to fill out a form. Either way, you have to be explicit and specific about what you’re going to email them about (promotions/advertising vs. content newsletters).
Ask It Where You HAVE To //
As much as you can – limit these tools to be shown to EU people ONLY (if you’re not in the EU yourself). You don’t need to get these level of consent from everyone, if you’re an American/Canadian entrepreneur. So doing so will put an unnecessary filter on your subscribers, and will seriously hurt your opt-in rate. I use ConvertKit and they gave us the option to show the checkboxes on opt-in forms and pages to those located within the EU only. I took it : )
So, there you have it! These are just a few ideas of some of the quick-action steps you can take to tackle the GDPR this late in the game. And if you want even more insight, I have an in-depth video about GDPR that you can watch on YouTube by clicking here.
If you have any questions, get in touch! I’d love to hear from you.
PS. IMPORTANT: Remember, this isn’t legal advice that pertains to you, your personal situation, or your exact business situation. This is general information and education meant to help you learn what areas of your business need legal attention. This information, or anything else on my site, is not meant to replace, or be a substitute for, legal advice from your own attorney licensed to practice law in your area. Always consult a local attorney in your area for legal advice regarding your exact situation.