In the last post in this series we looked at 'synchronising data between your systems'. This time I'm looking at reporting requirements and what you should consider saying to the people whose data you already have stored in your systems in a GDPR-friendly way.
I'll reiterate that this is not legal advice. This is just me giving some 'sensible' advice from all my GDPR research. To make sure you're GDPR compliant I suggest you start by booking a short consultation then I can put you in contact with our GDPR partner.
Now, back to considerations for the contacts you already have stored in your systems.
Every contact should be told why you’re contacting them, how you got their data, how you’re storing their data, how you’re going to use their data, and give them the option to request the data you hold, update details, update preferences, unsubscribe, or have request for data to be deleted.
To be honest, this is just good sales. If you're ethical in the way to approach new contacts, if you do your research, find reasons 'why' they're the right people, and approach people in a personalised way that gives them something of value, then my feeling is you're ticking the GDPR-friendly boxes.
When we're doing lead generation for our clients, the first email we send to EVERY new contact always includes this Snippet:
I'm contacting you because __________. I found your details on __________ and thought you'd find this email helpful for your work at __________.
And, before adding any contact to an email marketing list we always include this snippet (or ask verbally if we're on the phone or meeting in person):
Can I add you to our mailing list so you get the latest updates on __________ (you'll always have the opportunity to unsubscribe and request/modify/delete your data)?
Why do we do both?
Because most other companies don't bother. They just wack contacts on an email marketing list, bash out a newsletter or email campaign, and generally get poor results. Or they'll bash off the same generic sales email. That's easy to delete and does nothing to add value for the person you're contacting.
What happens when you ask first?
The majority of the time we get a yes and a lot of the time people also say thanks for asking.
It’s up to you how compliant you want to be in your outreach. You might just want to send a simple simple ‘opt-in’ email; however, consider the other details you need to give to each contact if you’re ultimately going to be keeping them in your systems.
Also, if you send an 'opt-in' email and nobody opts-in then you can't really revert to using 'Legitimate interests' as a reason to contact them in future. Instead of sending and opt-in email, you might want to send an email in the form of a feedback request, such as:
You've been on our mailing list for a while. I hope the content we've shared has been helpful. I'd value your feedback and would also like to know if there's any content you'd like to see that we haven't yet shared.
If you'd like to unsubscribe then here is the link. Otherwise, I'll keep you on our mailing list. We usually only send one newsletter each month with contact such as __________ or __________.
That approach is a good opportunity to show you're thinking about the people you have on your list. We've run 'feedback' email campaigns for a number of our clients and get great feedback. How many of your competitors are taking the time to ask their contacts for feedback? I'd almost guarantee none! That = Competitive advantage. You'll be seen as an outward looking company, you'll get some feedback, and can use that to improve what you do.
Some more considerations with your existing contacts
If you’ve already done an ‘opt-in’ campaign; do you need to update the details in your systems such as opted in or out or updated details?
How are you going to make sure contact details across systems stay updated? Use the cloud sync?
Do you know their subscription preferences? A customer might not want to receive your email newsletter but they might need one-to-one sales emails. How do you record subscription preferences and handle that across your different systems?
Then you need to decide what to do with the contacts that don’t opt-in. Think:
- Contacts where you have a ‘legitimate interest’ to contact them
- Hot prospects not yet customers etc
Do you delete them or you do a manual update of ‘Lawful basis for processing’ etc?
Need support with your data cleansing?
We can help you as this is one of the services we handle for our clients across their various systems. It's best to start with a short consultation call then I can let you know the best plan and budget.