Your Email Marketing & GDPR Compliance

This information is for guidance only. It does not constitute legal advice.

GDPR has substantially changed the law governing email marketing and marketing databases. GDPR says if you want to use email marketing you must obtain explicit, opt-in consent, and be clear about how your contacts’ data will be used when you obtain that consent.

The law says that pre-ticked boxes (along with silence and inactivity) do not count as consent, so you’ll need to make changes to comply to:

  • your marketing database on MailChimp
  • build an opt-in form to collect the GDPR data from the re-engagement campaign
  • send a re-engagement email campaign

Ongoing, GDPR also gives people further rights regarding the use of their personal data and they can now request, for example, that their data be deleted, moved, or corrected at any time from your MailChimp email marketing account.

But don’t worry. We can help with all of this and just need your input on a few things. Let’s get started…

1. Getting your MailChimp database GDPR ready

There are 2 steps to this:

[1] Adopting MailChimp GDPR systems

You have your own MailChimp account which we use to broadcast your e-newsletters. As you’d expect, MailChimp has set up new GDPR processes and systems for European-based companies.

So the first thing we need to do is to convert your MailChimp account so it uses these GDPR compliant systems. We already have access to your account so you do not need to do anything.

[2] Ensuring your MailChimp database correctly shows who has opted in.

You will have been collecting consent in-salon from clients and updating your salon software system. We clearly don’t want to bother these already opted-in clients again (they also might change their mind and opt out!).

So we will need to remove these opted-in clients from your database before BEFORE running the re-engagement campaign (more about this campaign below).

All we need you to do is export all client contacts from your salon software for whom you have already obtained opt-in consent to email.  Most software companies will have contacted you about how to do this.  All you need do is send us this data and we’ll do the rest for you.

Just so you know what we’re going to do with the data you send us… we’ll compare the two lists, remove everyone who has already opted-in (given consent), then create a brand new list of people who have yet to opt-in which will be the one we use for your re-engagement campaign.

2. Opt-in Form

To collect the names that opt in from the re-engagement campaign, we’ll write and build a GDPR sign-up form. This will include:

  • a specific opt-in checkbox for ‘email marketing’
  • an explanation of how collected data is used with a link to your privacy policy (if available on website – see website compliance guideline)
  • an explanation about unsubscribing

3. Email Re-engagement Campaign

Having done this we can then write, design & broadcast a re-engagement email campaign to your existing pre-GDPR email database with link to your new GDPR sign-up form asking them to opt in to your email marketing communications post-GDPR.

We will then remove anyone who hasn’t opted in leaving you with a list of people who have consented to receive email marketing from you.

Second re-engagement broadcast: To get as many signed up as possible we’ll resend the re-engagement campaign a few days after initial broadcast to try and get more to opt in.

It’s very important that your salon software and MailChimp accounts have the same database. So, after these 2 re-engagement campaigns have been sent we’ll send you a list of the people who opted-in through this campaign so you can update your salon software.

We can’t say this enough – it is important that you keep this up to date and don’t have lots of different lists which will just lead to confusion.

But it doesn’t stop there…

GDPR and your MailChimp data

GDPR gives everyone more rights regarding the use of their personal data, so they can request, for example, that their data be deleted, moved, or corrected at any time.

You don’t need to do anything now but we’re letting you know that MailChimp assures its customers (you) that they have changed their systems in the light of GDPR. So all MailChimp users can access their MailChimp data bases to correct or update information if asked to by a client.

Again to comply with GDPR, when you delete someone from your MailChimp database, MailChimp will remove all traces of that person’s personal information from your reports as well as your database.

Reminder: Compliant Data Collections

After 25th May all email data you send to us to use to broadcast your e-news MUST have been collected in a GDPR compliant manner i.e. you will needed to have gained specific consent (opt in) from them to send marketing and e-newsletters to them.

Your main method of data collection is via your salon software so if you have any GDPR questions on data collection on your salon software system please get in touch with your provider’s support desk.