{"id":119845,"date":"2018-05-10T08:00:28","date_gmt":"2018-05-10T12:00:28","guid":{"rendered":"https:\/\/optinmonster.com\/?p=119845"},"modified":"2019-01-07T14:53:31","modified_gmt":"2019-01-07T19:53:31","slug":"what-you-need-to-know-about-gdpr-and-optinmonster","status":"publish","type":"post","link":"https:\/\/optinmonster.com\/what-you-need-to-know-about-gdpr-and-optinmonster\/","title":{"rendered":"What You Need to Know About the GDPR (and How It Affects OptinMonster)"},"content":{"rendered":"<p>On May 25th, 2018, the long-awaited General Data Protection Regulation (GDPR) will go into effect. Many of you have already been hearing about GDPR the past several months. That\u2019s because this new regulation makes some big changes to data privacy and individual rights for people in the European Union (EU), and affects businesses around the world.<\/p>\n<p>Speculation about GDPR has caused some panic among business owners and marketers. A lot of misinformation is being spread, and we have received many questions from our users about what this change means for you.<\/p>\n<p>In this post, I want to explain about how the GDPR may affect your online lead generation and <a href=\"https:\/\/optinmonster.com\/beginners-guide-to-email-marketing\/\">email marketing<\/a>, and how OptinMonster is working to help you stay ahead of the curve and keep converting visitors into subscribers and customers.<\/p>\n<div class=\"alert alert-warning\"><strong>Note<\/strong>: This article does not constitute legal advice. We recommend consulting with professional legal counsel to make sure you\u2019re compliant with all GDPR regulations.<\/div>\n<h3>Is This the End of Marketing in the EU?<\/h3>\n<p>Because GDPR requires you to get explicit consent before collecting email addresses or sending any marketing emails to EU citizens, some folks have jumped to the conclusion that they need to stop email marketing altogether, or completely block website visitors from the EU to avoid facing huge fines and penalties.<\/p>\n<p>Thankfully, that&#8217;s just not the case.<\/p>\n<p>Straight from GDPR, here is what they define as consent:<\/p>\n<blockquote><p>Any freely given, specific, informed and unambiguous indication of the data subject\u2019s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her.<\/p><\/blockquote>\n<p>There\u2019s been a lot of speculation about how exactly this should be put into practice. But it\u2019s only that &#8211; speculation. GDPR doesn\u2019t tell you exactly how you need to obtain consent.<\/p>\n<p>That said, there are a few methods that are being talked about and put into practice around the web.<\/p>\n<p>To help you to figure out exactly how GDPR may effect your email marketing, and how OptinMonster can help you to keep <a href=\"https:\/\/optinmonster.com\/lead-generation\/\">generating leads<\/a>, let\u2019s take a look at a few possible approaches to the &#8220;GDPR problem&#8221;:<\/p>\n<ul>\n<li>The Avoidance Approach<\/li>\n<li>The Average Approach<\/li>\n<li>The Smart Marketer\u2019s Approach<\/li>\n<\/ul>\n<p>Let\u2019s take a look&#8230;<\/p>\n<h3>1. The Avoidance Approach: Ignoring the Issue<\/h3>\n<p>The GDPR is 200 pages long &#8211; that\u2019s a LOT of legal mumbo-jumbo to sort through.<\/p>\n<p>It\u2019s easy to just throw your hands up in the air and give up marketing to EU citizens altogether.<\/p>\n<p>Well, that is one approach\u2026 but there are some serious risks involved here:<\/p>\n<ul>\n<li>If you keep doing email marketing as usual without gaining proper consent, you could be fined millions of euros.<\/li>\n<li>If you block all visitors from the EU, you\u2019re missing out on a HUGE customer base and throwing away all that potential revenue.<\/li>\n<\/ul>\n<p>There\u2019s a better way.<\/p>\n<p>Next let\u2019s take a look at the average approach, which is the most common so far.<\/p>\n<h3>2. The Average Approach: Always Ask for Explicit Consent<\/h3>\n<p>The past few weeks, you may have seen your inbox flooded with emails asking you if you still want to remain subscribed.<\/p>\n<p>This is the approach many businesses are taking &#8211; to get consent via email, either with a \u201cre-consent\u201d email, or with a <a href=\"https:\/\/optinmonster.com\/double-optin-vs-single-optin-which-one-is-better\/\">double opt-in<\/a> email for new subscribers.<\/p>\n<p>The double opt-in confirmation email can be used to get explicit permission to send marketing emails. The email could be as simple as this example from <a href=\"https:\/\/www.preact.co.uk\/blog\/gdpr-double-opt-in-process-for-dynamics-365\" target=\"_blank\" rel=\"nofollow noopener\">Preact CRM<\/a>:<\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-119862\" src=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/opt04.png\" alt=\"gdpr double opt-in example\" width=\"487\" height=\"505\" srcset=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/opt04.png 487w, https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/opt04-289x300.png 289w\" sizes=\"(max-width: 487px) 100vw, 487px\" \/><\/p>\n<p>Here&#8217;s another simple example from The Pool, although their button CTA could be considered problematic. The button text could be improved by changing it to something more specific, like &#8220;I Consent&#8221; or &#8220;Sign Me Up&#8221;.<\/p>\n<p><img decoding=\"async\" class=\"aligncenter size-full wp-image-119859\" src=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/pool-compressor.jpg\" alt=\"example double opt-in\" width=\"681\" height=\"459\" srcset=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/pool-compressor.jpg 681w, https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/pool-compressor-300x202.jpg 300w\" sizes=\"(max-width: 681px) 100vw, 681px\" \/><\/p>\n<p>The double opt-in method has some benefits:<\/p>\n<ul>\n<li>They won\u2019t receive any further emails unless they click the button to agree to them.<\/li>\n<li>The subscriber\u2019s consent will be explicit, so their data won&#8217;t be used unless they consent.<\/li>\n<li>A record of their consent is automatically kept by your email newsletter service provider.<\/li>\n<\/ul>\n<p><strong>Using a Required Checkbox to Get Consent<\/strong><\/p>\n<p>Besides double opt-in, some businesses are choosing to use another method to get consent from all new subscribers: a checkbox on the optin form itself. Unless the visitor checks the box to agree, they won\u2019t be able to submit the form to sign up.<\/p>\n<p><strong>Note<\/strong>: It&#8217;s a common misconception that checkboxes are specifically required by GDPR. This is just one method some businesses are using to get clear consent.<\/p>\n<p>With OptinMonster&#8217;s customizable forms and fields, you can add a consent checkbox to any optin campaign.<\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-182870\" src=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/consent-checkbox-for-field-mapping-gdpr.png\" alt=\"An email signup popup with a Consent checkbox option that says &quot;I agree to receive personalized marketing emails. There is a settings sidebar to the left with the options including: a &quot;Required&quot; toggle, Field Label text box, and Field Name text box\" width=\"620\" height=\"350\" srcset=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/consent-checkbox-for-field-mapping-gdpr.png 620w, https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/consent-checkbox-for-field-mapping-gdpr-300x169.png 300w\" sizes=\"(max-width: 620px) 100vw, 620px\" \/><\/p>\n<p>You can choose to make the checkbox\u00a0<strong>Required. <\/strong>If the checkbox isn&#8217;t checked, the visitor will not be able to subscribe.<\/p>\n<p>The\u00a0<strong>Field Name<\/strong> setting in the left-hand is especially important for GDPR compliance. For full compliance, you&#8217;ll want to use\u00a0<strong>Field Mapping\u00a0<\/strong>for your checkbox field and all personal data fields.<\/p>\n<p><a href=\"https:\/\/optinmonster.com\/docs\/use-field-mapping-to-add-extra-fields-to-your-optin-form\/\">Field Mapping<\/a> is how you connect the data fields in your optin forms with your Email Service Provider&#8217;s (ESP) subscriber database.<\/p>\n<p>You can use Field Mapping to carefully control where, how, and if each subscriber&#8217;s personal data is stored. By doing so, you can make sure that you are following GDPR rules.<\/p>\n<p>Field mapping is currently available for users <a href=\"https:\/\/optinmonster.com\/docs\/use-field-mapping-to-add-extra-fields-to-your-optin-form\/#Supported_Integrations\">with these integrations<\/a>. The exact process for mapping will be a little different for each ESP, but it all starts by carefully choosing the\u00a0<strong>Field Name<\/strong> for each field. You&#8217;ll have to match that name with the Field ID in your ESP to control how you use that data.<\/p>\n<p>For more on adding fields to campaigns and Field Mapping, watch this video:<\/p>\n<p><iframe title=\"YouTube video player\" src=\"https:\/\/www.youtube.com\/embed\/s7vW_NlsdaM?si=1GVvCCLOeQkSk1OU\" width=\"560\" height=\"315\" frameborder=\"0\" allowfullscreen=\"allowfullscreen\"><span data-mce-type=\"bookmark\" style=\"display: inline-block; width: 0px; overflow: hidden; line-height: 0;\" class=\"mce_SELRES_start\">\ufeff<\/span><\/iframe><\/p>\n<p><strong>What Makes This Approach \u201cAverage\u201d?<\/strong><\/p>\n<p>Using double opt-in and\/or checkboxes is a clear way to get explicit consent.<\/p>\n<p>But there\u2019s a downside. You\u2019re going to be missing out on a lot of subscribers and leads who miss your double opt-in email or don\u2019t want to be bothered with a checkbox.<\/p>\n<p>Double opt-in creates a longer signup process for subscribers. The more steps there are, the more likely it is that some people won\u2019t complete them. People who signed up actually WANT to have a relationship with you, but that\u2019ll never happen unless they click the double opt-in. If they miss your email or forget to click, you lose out on a lot of potential revenue.<\/p>\n<p>One huge benefit of single opt-in is that when a subscriber signs up, they\u2019re immediately on the list. That allows you to grow your list fast, and connect with new subscribers more quickly.<\/p>\n<p>But in the era of GDPR, can you have it both ways?<\/p>\n<p>If you\u2019re smart, you can. Here\u2019s how\u2026<\/p>\n<h3>3. The Smart Marketers Approach: Geo-Targeting<\/h3>\n<p>A smart marketer can get consent only from EU visitors, WITHOUT requiring other users to jump through extra hoops.<\/p>\n<p>Using OptinMonster\u2019s Geo-Location Targeting, you can create separate campaigns targeted to specific locations. We&#8217;ve also just added a new feature so you can easily <strong>target or exclude the entire EU at once<\/strong> for each campaign you create:<\/p>\n<p><img decoding=\"async\" class=\"alignnone size-full wp-image-119973\" src=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/eu-geotargeting.png\" alt=\"eu geotargeting for gdpr\" width=\"800\" height=\"404\" srcset=\"https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/eu-geotargeting.png 800w, https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/eu-geotargeting-300x152.png 300w, https:\/\/optinmonster.com\/wp-content\/uploads\/2018\/05\/eu-geotargeting-768x388.png 768w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p>Best of all, you can actually choose to <strong>enable double or single opt-in on a per-campaign basis<\/strong>. Here&#8217;s <a href=\"https:\/\/optinmonster.com\/docs\/how-to-enable-single-optin-for-mailchimp-in-optinmonster\/\">how to enable single or double opt-in with MailChimp<\/a>, for example.<\/p>\n<p>That means you can require EU visitors to complete the double opt-in process, while adding visitors in other countries to your list right away.<\/p>\n<p>Here&#8217;s how you can <a href=\"https:\/\/optinmonster.com\/docs\/upgrade-geo-location-addon\/\">unlock geo-location targeting in your OptinMonster account today<\/a>.<\/p>\n<p>Remember, to ensure full GDPR compliance, we recommend getting professional legal counsel.<\/p>\n<h3>Common Questions About GDPR<\/h3>\n<p>There are a few more common questions we&#8217;ve gotten about GDPR and OptinMonster that we&#8217;d like to help you out with.<\/p>\n<p><strong>Do I have to comply with GDPR even if I\u2019m not in the EU?<\/strong><\/p>\n<p>Yes, GDPR applies to all companies that control and process EU data, no matter where your business is. That includes you if you collect the email addresses of any EU citizens.<\/p>\n<p><strong>Can I still offer a lead magnet in exchange for someone\u2019s email address?<\/strong><\/p>\n<p>Yes, absolutely. You just have to get their consent to send the <a href=\"https:\/\/optinmonster.com\/9-lead-magnets-to-increase-subscribers\/\">lead magnet<\/a>, AND get their consent to follow up with marketing emails. Keep in mind: just because they requested your lead magnet doesn\u2019t mean they also consent to your newsletter.<\/p>\n<p>You can do this with double opt-in emails, as we talked about earlier.<\/p>\n<p>And using OptinMonster&#8217;s <a href=\"https:\/\/optinmonster.com\/features\/geo-location-targeting\/\">geo-location targeting<\/a>, you can make sure that EU residents are asked for explicit consent, without reducing your email signups in other countries.<\/p>\n<p><strong>Do you offer a Data Processing Agreement?<\/strong><\/p>\n<p>Yes, our Data Processing Agreement (DPA) offers terms that meet GDPR requirements, and reflects our data privacy and security commitments to our customers.<\/p>\n<p>If you&#8217;re processing personal data on behalf of EU\/EEA individuals, you can <a href=\"https:\/\/optinmonster.com\/gdpr\/dpa\/\">sign this agreement here<\/a>.<\/p>\n<p>We\u2019re also offering a GDPR Audit Concierge service for our customers. If you\u2019re being audited, we want you to know we have your back and will get you any data we have that can help you comply with the audit.<\/p>\n<p>You can find all these and more resources on our <a href=\"https:\/\/optinmonster.com\/gdpr\/\">GDPR page<\/a>.<\/p>\n<h3>What\u2019s Next?<\/h3>\n<p>If you\u2019re not getting clear email marketing consent from EU subscribers, then please consult with a lawyer and implement the tips suggested above before May 25, 2018.<\/p>\n<p>If you have a friend who\u2019s using a non-compliant lead-generation solution, then let them know about this post and convince them to <a href=\"https:\/\/optinmonster.com\/pricing\/\">get OptinMonster today<\/a>!<\/p>\n<p>(Yes, we have an <a href=\"https:\/\/optinmonster.com\/affiliates\/\">affiliate program<\/a>, so you can even earn some extra $$$ too ;))<\/p>\n<p>But in all seriousness, we\u2019re committed to helping you convert visitors into subscribers while complying will all legal requirements and delivering the best user experience.<\/p>\n<p>As always, I want to thank you for using OptinMonster. We\u2019re proud to help you build your email list in a \u201cGDPR Friendly\u201d way.<\/p>\n<p>Cheers,<br \/>\nThomas Griffin, Co-founder and President of OptinMonster<\/p>\n<p>Not using OptinMonster yet? Stop losing subscribers and <a href=\"https:\/\/optinmonster.com\/pricing\/\">get started with OptinMonster today<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>On May 25th, 2018, the long-awaited General Data Protection Regulation (GDPR) will go into effect. Many of you have already been hearing about GDPR the past several months. That\u2019s because this new regulation makes some big changes to data privacy and individual rights for people in the European Union (EU), and affects businesses around the&nbsp;&hellip;<\/p>\n","protected":false},"author":2,"featured_media":119846,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"limit_modified_date":"1","last_modified_date":"","om_disable_all_campaigns":false,"_monsterinsights_skip_tracking":false,"_monsterinsights_sitenote_active":false,"_monsterinsights_sitenote_note":"","_monsterinsights_sitenote_category":0,"om_meta_post_subtitle":"","footnotes":""},"categories":[7],"tags":[9557,28,11596,205,295],"class_list":["post-119845","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-announcements","tag-double-opt-in","tag-email-marketing-2","tag-gdpr","tag-list-building","tag-single-optin-vs-double-optin"],"case_study_meta":[],"acf":[],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/posts\/119845","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/comments?post=119845"}],"version-history":[{"count":25,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/posts\/119845\/revisions"}],"predecessor-version":[{"id":183819,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/posts\/119845\/revisions\/183819"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/media\/119846"}],"wp:attachment":[{"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/media?parent=119845"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/categories?post=119845"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/optinmonster.com\/wp-json\/wp\/v2\/tags?post=119845"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}