Starting May 2018, email marketers need to comply with new GDPR policies or pay hefty fines to the EU. The General Data Protection Regulation (GDPR) is European Union legislation effective May 25, 2018. This may not seem to be a problem for US-based marketing activities, but it will affect those who are based in the US but do business in an EU country.
There are many toolkits, with different levels of sophistication, to help companies assess and comply with the new regulations, but little has been discussed about the technology platforms that hold the data.
To address the issues facing email marketers or businesses operating in the EU, check the following list of compliance steps to avoid hefty fines from the European Union.
1. Secure your email infrastructure.
Email security is an important factor in the new GDPR policy. When a subscriber asks to be removed or unsubscribed from the emails, all of their personal data has to be completely removed from the system.
Marketers need to create a system that makes locating, deleting and editing a record easy and automated. In addition, in the event of a security breach, companies need to report it to the data protection officer or the supervising authority within 72 hours.
2. Improve the subscribing feature.
With the new regulation, subscribers need to be informed of, and agree to, how their information will be used and the content to expect, which includes a newsletter or informational emails.
GDPR requires that the opt-in process provide two separate checkboxes: one for receiving emails and another for the terms and conditions.
3. Use concise language and remove jargon.
In addition to the subscription box, companies need to comply with the regulations by defining how subscribers' information will be used, while still being attention-grabbing enough to get a good number of subscribers.
If information will be shared with other companies, that needs to be mentioned explicitly. Deceiving subscribers or hiding intentions through manipulative language will be a violation of the GDPR.
The fine that will be imposed on violators is currently unclear and also depends on the region. In the UK, the Information Commissioner’s Office can issue fines up to 500,000 GBP. The risk of GDPR isn’t only the fine amount; the name of the company will also appear in headlines after the breach.