GDPR comes into practice on 25 May 2018, just one week away, so we need to get consent forms completed. The GDPR defines consent as:
Freely given, specific, informed and unambiguous consent; which informs subscribers about the brand that’s collecting the consent and provide information about the purposes of collecting personal data.
Below we have detailed the options available.
EASY, CLEAR LANGUAGE
Consent must be unambiguous. This means that customers must be able to easily understand what they are consenting to. If there is any room for doubt, it is not a valid consent, so make sure you avoid double negatives and use the simplest language possible.
- I would like to receive emails from Your Photography Business!
- Sign me up for your email list so that I can receive special offers and discounts
- I understand and agree to the email marketing terms and conditions.
You cannot have any checkboxes pre-ticked unless it is absolutely necessary to the use of the service. This may have worked in the past as a tactic but not anymore – customers must now actively opt-in to subscribe to communications.
In order to be compliant with the GDPR regulations, you must allow customers the free choice over which content they receive. For example, if you are asking for consent to send sales emails and marketing emails you must allow customers to choose what they receive. Customers should also be able to choose the frequency at which they receive the information as well as channel preferences.
DO NOT TIE CONSENTS TOGETHER
It’s important to keep agreement consents separate from each other, particularly at the checkout stage. Consent should also not be a precondition of signing up as this makes it an invalid consent and takes away the customer’s free choice. If the agreement consents are linked then it’s best to show a notice such as: “Click here to view our mailing terms and conditions”.
Customers must have the right to withdraw their consent at any time and they should be told, clearly, how to do this. You can simply include an unsubscribe link, or tell customers where they can find the withdraw preferences e.g. “If you wish to stop receiving our emails, you can unsubscribe by following the link in our emails or website footer”.
We have made some subtle changes to the Advanced Contact page and Contract Agreement page. Now, you can also choose a form input field to hold a custom permissions control, where we interpret the box being left empty/blank or “no” as Opt Out and everything else as Opt-In.
From the CSV file downloaded from the contact form there is now a new field, “i_policy”, exists on every submission with values of:
- i_policy = 2 Opt-In
- i_policy =3 Opt Out
- i_policy = 5 Not Asked
From the very bottom of each contact form email sent to you there will show one of these three sentences:
- GDPR notice: this user has opted into offers and updates.
- GDPR notice: this user has DECLINED offers and updates.
- GDPR notice: this user was not prompted for offers and updates.