GDPR & Email Newsletters

CrunchyFr0g

Free Member
May 10, 2018
6
1
Hi
I'm a one-man-band e-commerce website owner who's really unsure about GDPR implications.
Specifically, I currently send a monthly newsletter to anyone who takes a free or paid product from my site. They give me their email address to receive the product, and I store it to send a monthly update with similar new products released that month.
They can, of course, unsubscribe from these newsletters.
Do I have to retro-actively go back and ask for explicit consent to continue sending these?
Similarly, must I now get explicit consent from new visitors who take a free or paid product before I can send them the newsletter?
I fear the answer is that I must, which is a big worry.
Thanks for any help.
 
  • Like
Reactions: Nochexman

ryedale

Contributor
Free Member
Dec 17, 2013
1,554
369
50
Malton
The ethos behind GDPR is explicit consent rather than implicit

So if all the existing people on your list didn't give you explicit permission that you can prove for you to mail them then you have to contact them asking them to confirm they are happy for you to continue to send them the mails

If they don't confirm this, then you can't mail them after the 25th without this permission unfortuantely.

Likewise with new ones, you have to give them the choice to be signed up to the newsletter - it must be a box that they have to actually tick to say yes.
 
  • Like
Reactions: CrunchyFr0g
Upvote 0
If you want to continue mailing existing customers, you'll also need to send them a final mail before May 25th asking them to opt back in to receive further emails, and have a process to remove any customers who don't opt back in from your list.
 
Upvote 0

Paulsou

Free Member
Dec 31, 2012
169
23
Not only the email for marketing but you must clear all customers data from computer after certain time. We have told customers their details must remain for a period for tax purposes only then wipe of system, but this must be stated in a privacy policy.
 
Upvote 0

CrunchyFr0g

Free Member
May 10, 2018
6
1
Not only the email for marketing but you must clear all customers data from computer after certain time. We have told customers their details must remain for a period for tax purposes only then wipe of system, but this must be stated in a privacy policy.
Thanks.
Yes I have a reference to that in my privacy policy.
It raises another problem I have, which is that I currently retain data relating to sales indefinitely and I do so because if a customer loses their purchase they can ask for a replacement download link and I have the data confirming who they are and what they bought.
Once I delete their data I won't be able to do this as I won't have the record that they bought anything.
I've assumed that I can consider that to be legitimate interest to keep their data, but maybe I'm wrong.
 
Upvote 0

sands67

Free Member
Apr 10, 2011
72
7
This just shows yet again how much misunderstanding there is around this subject.

These are clients. free or paid. So to update that through a newsletter (with an opt out) could well be reasonably described as legitimate interest. They have bought/are using your product, it is reasonable to keep them updated with complimentary products, upgrades changes etc. Remember, there is no precedent as to what is actually legitimate interest!

Also, the OP hasn't said whether business or consumer. Business is not the same, if you haven't already, read up on the current PECR regulations. [email protected] is not the same as [email protected].

There is the helpline you can ring at the information commissioners office (0303 123 1113 and select option 4) Be warned, there is normally a long wait.

PS @Paulsou why do you need to stop sending up follow up emails to clients?
 
Upvote 0

CrunchyFr0g

Free Member
May 10, 2018
6
1
@sands67

Many thanks for this reply. Wow this continues to be impossible to understand for the average small business owner who isn't a crack data protection lawyer!
I think I'm going to send the 'opt back in' email anyway just to make sure I can't possibly be on the wrong side of the law.
Just FYI, my clients are all consumers.
I did try the helpline but after a 2-hour wait and £20 of phone credit gone, I gave up.
 
Upvote 0
D

deanpunchard

@sands67

Many thanks for this reply. Wow this continues to be impossible to understand for the average small business owner who isn't a crack data protection lawyer!
I think I'm going to send the 'opt back in' email anyway just to make sure I can't possibly be on the wrong side of the law.
Just FYI, my clients are all consumers.
I did try the helpline but after a 2-hour wait and £20 of phone credit gone, I gave up.

If you're on Mailchimp, there's a straight forward way for folk to opt-in. I have done this, and about 75% of the subscribers haven't opted-in yet. But that's cool, the remaining 25% are actually people who care enough to opt-in. The 75% probably didn't read the newsletters or value them anyway, so no great loss.
 
Upvote 0

obscure

Free Member
Jan 18, 2008
3,370
879
The world
This just shows yet again how much misunderstanding there is around this subject.

......They have bought/are using your product, it is reasonable to keep them updated with complimentary products, upgrades changes etc.
I may well be one of those people misunderstanding but I was of the opinion that marketing additional products (even if you think they are complimentary) is exactly what you aren't allowed to do.

If I buy a motorbike from you there would be a legitimate business need to keep my details in order to email me about the progress of my order and for a reasonable time after that in case you need to contact me about safety issues/a recall etc. But you can't use those details to email me about the new sidecar you have just launched to go along with my bike unless I have specifically opted in to receiving marketing materials.
 
Upvote 0

CrunchyFr0g

Free Member
May 10, 2018
6
1
If you're on Mailchimp, there's a straight forward way for folk to opt-in. I have done this, and about 75% of the subscribers haven't opted-in yet. But that's cool, the remaining 25% are actually people who care enough to opt-in. The 75% probably didn't read the newsletters or value them anyway, so no great loss.
Thanks for chipping in.
I'm with SendInBlue and they also have quite an easy opt-in form. But two thirds of my customers are outside the EU and my challenge now is not so much the opt-back-in email, it's how to show the newsletter opt-in for future customers only to those in the EU. I don't want US (my biggest market) customers being shown irrelevant stuff that can only serve to irritate them.
 
Upvote 0

Hahnbeck

Free Member
Aug 4, 2017
35
8
If you're on Mailchimp, there's a straight forward way for folk to opt-in. I have done this, and about 75% of the subscribers haven't opted-in yet. But that's cool, the remaining 25% are actually people who care enough to opt-in. The 75% probably didn't read the newsletters or value them anyway, so no great loss.
That's a good way to look at it
 
Upvote 0

Hahnbeck

Free Member
Aug 4, 2017
35
8
Thanks for chipping in.
I'm with SendInBlue and they also have quite an easy opt-in form. But two thirds of my customers are outside the EU and my challenge now is not so much the opt-back-in email, it's how to show the newsletter opt-in for future customers only to those in the EU. I don't want US (my biggest market) customers being shown irrelevant stuff that can only serve to irritate them.
Most email automation software allows segmenting. Segmenting your customers based on your location (if you capture this) is very straightforward - the software normally allows much more complex segmentation and automation. I don't know about SendInBlue specifically but what you're describing (sending different emails to people in the US vs outside of the US) could be achieved with the most basic segmentation, as long as you've captured their addresses/locations.
 
Upvote 0

Latest Articles

Join UK Business Forums for free business advice