GDPR and your email marketing Follow

We are big fans of the General Data Protection Regulation (GDPR) and believe it will pave the way for a new international standard of data management and email marketing for everyone – not just EU citizens.

The GDPR ensures that businesses are collecting and handling personal data in a way that protects the privacy of EU citizens. Even if the GDPR won't affect you, it’s a great opportunity for you to improve processes internally build better relationships with your customers.

Because you’re using Vision6 for email marketing, there are a few things you might like to consider doing to be compliant with the GDPR. This will include some policy updating on your behalf and also usage of some specific features we have implemented to help you be GDPR compliant when using our product.

Who does the GDPR apply to?

The GDPR applies to any organisation in the European Union that is processing personal data. It also applies to any organisation that processes the personal data of EU data subjects, regardless of whether the organization has a presence in the European Union or whether the processing is conducted within the European Union.

If you collect, store, manage, or analyze personal data of any type, including email addresses, it is likely that the GDPR affects your organization.

GDPR Checklist

To help you be compliant with GDPR and your marketing activities via Vision6, there are a dedicated set of features available in the product.

These features are heavily focused on obtaining and proving that contacts on your list have provided consent in a GDPR compliant manner.

  • Update your subscriber forms to be GDPR compliant:
    • Edit your lists and enable the GDPR option
    • Add a dedicate consent checkbox to your forms
    • Review and update your consent text from the Admin menu
    • Ensure consent text is added to your forms
  • Send an email to your existing subscribers and ask them to re-submit their consent
    • Select a re-consent template (or design your own)
    • Link a button to your new GDPR compliant form
    • Send the email using the Advanced search filter to identify contacts who last opened an email in the EU
    • Consider emailing your entire list for consent
  • Review your contacts consent history via the contact details pop-up
    • View the details of a contact and select the Consent History menu to view their history of consent

Obtaining consent for new subscribers

There are a number of important things to consider when obtaining consent from your subscribers and whilst we make is easy from a product perspective, you should consider what changes you may need to make to your subscription forms.

In short, you will need to be informing individuals about how their data is being processed and what it is that they are consenting to, to ensure that the real choice is provided to that individual.

At a minimum, you must present the following information to customers.

  • A clear and concise option to provide consent
  • The purpose for which consent is sought (what types of marketing will you be sending? Why do you need the information? Marketing preferences)
  • Types of data that will be collected and used (Fields available on the form)
  • How to withdraw consent (Explanation on how to unsubscribe, with a link)
  • Details on any third parties who will also receive the personal data (This can simply be a link to your privacy policy detailing any processors of data such as Vision6)
  • Is personal data being transferred overseas? (Again, this can be information available in your privacy policy)
  • Details that identify the company (a logo or company information)

It might seem like a lot of additional information that you need to add to your form but the reality is, you probably have ¾ of it already.

Vision6 gives you the ability to enable GDPR settings for your lists.

This will:

  • Enable a dedicated consent component to your forms.
  • Enable dedicated consent disclaimer to your forms.
  • Flag any contacts who subscribe and provide consent with ‘GDPR’.

Learn more about the consent component

Re-capturing consent for existing subscribers

If you have already been using a dedicated option to allow individuals to provide express consent along with the other provisions listed above, you might just be able to continue marketing to your contacts.

It is likely, however, that some of you will need to re-obtain consent from their contacts from some or all of their lists. Regardless of the GDPR, ensuring that people on your list actually want to receive communication from you, is a good thing and will only mean better engagement from your contact lists.

We’ve built some tools to make it easier for you to create and send a re-consent campaign including:

  • Dedicated templates to send to your contacts to ask for consent
  • The ability to search for and filter contacts who last opened an email in the EU
  • The ability to search for and filter contacts who have provided GDPR consent

Learn more about creating a re-consent campaign

Proving consent for existing subscribers

Having accurate consent information for your subscribers is good practice regardless of any GDPR requirements and if you’re collecting information on subscribers using Vision6, your contact consent history will be recorded against each individual. Even if you were already using double opt-in on your subscribe forms, technically, this is not enough when it comes to GDPR, you may wish to obtain consent again which generally speaking, is not a bad thing.

In order to actually prove that you have consent from your contacts, you need to provide the following information

  • The name or other identifiers of the individual that consented
  • A record that they specifically selected the consent option on the form
  • The date or timestamp that they consented
  • The version of the form they submitted and the corresponding privacy policy
  • A copy of the fields in the form that they submitted

Once you enable GDPR compliant components on your forms and start collecting subscriber information, each contact in your list that completes the form will be marked as ‘GDPR consented’ in the list. Additionally, the product will:

  • Record the timestamp and history of each time the contact provides consent
  • Keep a record of the fields that the contact completed for each time they provided consent
  • A copy of the consent disclaimer including any links to privacy policies included at the time of their submitting the form

Learn more about contact details and consent history



Have more questions? Submit a request