How to Remain Compliant with GDPR
In an effort to protect the privacy of its citizens at home and worldwide, any business that collects the contact information of European citizens, regardless of geographical location MUST comply with the GDPR (General Data Protection Regulation).
Disclaimer: We are not lawyers, we are marketers & developers. You should always consult your lawyer before making decisions with legal implications. We will not be held responsible for any violations levied against you as a result of implementing strategies in this article or use of the compliance tools provided by the Groundhogg WordPress plugin.
The Rules of GDPR:
- Your business address and phone number must be present in the footer of every marketing & transnational emails sent on behalf of your company.
- A clearly labelled unsubscribe link must be in the footer of every email.
- You must honour any unsubscribe requests across all your marketing properties.
- Subject lines must not be misleading, and information contained in emails must also not be misleading.
- All email addresses must be confirmed before they can receive marketing.
- Contacts can make a request of informant in which you as a business must disclose any information you’ve collected about a contact.
- Contacts can request that you delete or anonymize any information you’ve collected thus far.
- Contacts must give explicit consent before you can legally send them marketing.
Remember, even if you operate outside of the EU if you serve EU customers than you must comply with these regulations.
See below how you can implement Groundhogg tools to make this process easy.
Enable GDPR Features
You can enable Groundhogg's GDPR feature set by going to the Compliance settings tab and selecting Enable GDPR Features.
This will allow contacts to opt-out of marketing and delete their contact records from your email preferences page.
You can also enable Strict compliance by enabling the last option to not send emails without consent. This is recommended if you are a business based in the EU.
The above will enable two new features in the email preferences center.
Information Request Form
Any contact will be able to make an information request about their data. Groundhogg will generate an email and send it to their inbox. You do not have to do anything.
Deletion Request Form
Contacts will be able to delete their contact records. This is also automatic and requires no action from you.
Collect GDPR Consent
If you have GDPR features enabled, you need to collect GDPR consent from your list. Ther are serval ways to do that.
In a Form
If you are using a Groundhogg web form you can add the GDPR field to your form. Click the [ Add Field ] button and under the dropdown Compliance add GDPR Consent.
During Import
If you have previously collected GDPR consent, you can map your GDPR consent date column to the GDPR consent field in the dropdown.
Monitoring Consent
You will be able to monitor a contact's consent by seeing a field in the contact record. If a contact has consented you will see the date they gave consent.