We are starting to hear more and more about GDPR (General Data Protection Regulation) which comes into force on the 25th May 2018. While there is lots of advice flying around it’s hard to know what is correct and what’s not. I’m sharing the 3 things I’m hearing most often so that are UNTRUE you can be one step ahead! 

1. You are complying with GDPR for consent by asking people to unsubscribe if they don’t want to be on your list anymore. FALSE.

I’ve had a few emails lately where I am asked, for the purpose of GDPR compliance, to unsubscribe if I don’t want to be on the list. While this is a good thing to do anyway, it doesn’t make you compliant under GDPR because, in the words of the GDPR guidance, “Consent requires a positive opt-in. Don’t use pre-ticked boxes or any other method of consent by default.” This means that you must be able to show that everyone on your list has given their explicit permission to be on that list, knowing exactly what you are going to be sending them. The consent was not just as an aside to signing up for something else (which is consent by default).

2. You are complying with GDPR if you are giving things away (like a free report, eBook, prize entry) and you clearly state that you will be added to the list as part of getting the free thing. FALSE.

This is similar to the previous point but is another thing I am hearing a lot. Stating that you are going to add people to your list at the point of sign up is a legal requirement under the current regulations. From the 25th May the regulations require what is called ‘unbundled’ consent and states “Consent should not be a precondition of signing up to a service unless necessary for that service.” So, if someone signs up for a webinar it’s fine to email them about the webinar and send them a recording as long as you tell them that is what will happen. But you can’t add them to your main newsletter as well unless they opt IN to that separately.

3. This is the end of the world. FALSE.

OK that’s a bit dramatic but lots of people are getting their knickers in a twist about GDPR. I genuinely think GDPR is a great opportunity to improve both the way we work and the way we interact with our customers. This is what the ICO (Information Commisioner’s Office) says this about the new consent rules:

Getting this right should be seen as essential to good customer service: it will put people at the centre of the relationship, and can help build customer confidence and trust.   This can enhance your reputation,improve levels of engagement and encourage use of new services and products. It’s one way to set yourself apart from the competition.

Who doesn’t want more customer confidence and to be set apart from the competition? I’d love to know if you feel you have enough information on GDPR? I’m thinking of sharing more about it but that’s only useful if you feel you need more. I’d love to know how you feel about GDPR and whether you think you are ready for the changes it will require in your business. Want to know more? The ICO is a great place to start.

This information is not the same as legal advice, where a solicitor applies the policy to your specific circumstances, so you must consult an solicitor if you’d like advice on your interpretation of this information or its accuracy. In a nutshell, you may not rely on this information as legal advice, nor as a recommendation of any particular legal understanding.