Before the GDPR regulation came into play in 2016, email marketing was a very cowboy and free-for-all sector. Webmasters had the opportunity to send bulks of emails to people who had not consented or given their data – and there were no or limited repercussions. Digital marketers had the opportunity to aggressively email anyone they wanted, even if the lists were bought from third parties or obtained illegally.
Fast forward to 5 years later and companies and marketers alike must tread very carefully when it comes to sending out emails – and technically you should not ever send emails to a database or a list of people who have not opted in. The result can be an investigation by the ICO because it breaks GDPR rules – and this can lead to a hefty fine or other penalty.
So what are the rules? When is it OK to send email marketing?
It is perfectly legal, according to GDPR rules, if any customers or participants have opted in and consented to receiving emails from you. This gives you the option to send anything from newsletters, updates, offers and competitions within a legal parameter. This is essentially your data since customers have actively opted in to you, so it is perfectly fine to send them information.
In addition, it is essential that any email marketing copy gives readers the opportunity to unsubscribe and thus never receive further emails. You may be able to keep the customer’s data on file, but it is important that they do not receive further emails or this will break the terms and conditions often stated on your company’s website.
When it comes to buying email addresses and lists from other third parties – this is frowned upon, because it is not technically your data. However, there are clever ways around this, such as active collaborations with brands, such as emailing on their behalf, with their domain and email address. You may also wish to clearly state how you got their information to avoid any animosity, whilst giving customers the option to unsubscribe if they wish.
How can I send emails to people in a safe way?
“There is nothing wrong with sending someone an email,” explains Ben Sweiry of data and fintech startup, Dime Alley.
“After all, if someone’s details are clearly visible or available on their website, they are pretty much encouraging you to get in touch.”
“So there is nothing wrong with sending a one-off or a follow-up email. But if you were to subscribe them to regular newsletters, that is different, because they have not fully consented. A random email, though, assumes that there will be an end and it is not habitual or like you have illegally added them to a list, so it is acceptable.”
“Of course there is big business in buying email lists and databases, but this can be curbed professionally if you open a brand collaboration, merger or partnership – and if you are offering something useful to the customer, they are not exactly going to raise it with the ICO.”
“You must always explain how you received data and give people the option to unsubscribe. This will definitely help you follow best practices.”