Marketing & Communication 7 June 2022

What are the best GDPR practices for email communication?

La gestion de la protection des données personnelles avec l'outil Boost My Mail

Personal data protection management is a recurring issue in marketing. It’s governed by the General Data Protection Regulation (GDPR). During their communication operations, a marketer’s mission is to promote their company’s brand, in order to make it known and attract new customers. They must also comply with the GDPR when they collect and use data from prospects interested in their brand. What is the GDPR, and what are the best practices in terms of emails? We reveal all!

GDPR and email, two different things

For starters, the GDPR makes no mention of email. It’s not concerned with channels, but with the processing of personal data. Provisions relating to email are described in a European Directive enacted in 2002, which has been transposed into most Member States’ laws. These provisions will be complemented in the coming months by a future “e-Privacy” regulation, also known as the “cookie law”. As its name suggests, the new law will primarily impact cookie consent pop-ups.

In brief, the Directive makes a distinction between BTOB email communications and BTOC email communications:
-> BTOB: Email communications sent to companies do not require prior consent, but they do provide a right of objection (opt-out). Opt-out is when the recipient of the advertisement hasn’t objected to receiving the email. In short, if they didn’t say “no”, it’s “yes”.
-> BTOC: Email communications to individuals require prior consent (opt-in), unless the email was collected as part of a commercial transaction and is being used to send advertisements for a similar product. In this case, an opt-out system applies.

How do you collect user data and be GDPR compliant?

In concrete terms, what actions should be taken in order to comply with the GDPR when a marketing action is launched?
When collecting data:
-> State openly that data is being collected and the data-hosting method.
-> Be transparent about the reasons for processing of the data. And if there’s a special data processing operation: specific consent. The box should not be pre-checked when requesting consent.
-> Enable each user to consult and/or modify their information. Delete a user’s entire data set if they so request. Specify when the data will be permanently erased from the company’s databases
When sending an email campaign:
-> The presence of an unsubscribe link in the email.
-> The use of double opt-in is strongly recommended: a double authorisation box to be checked by the user.
-> Provision of an email address for feedback.

Adapt your email communication strategy and be 100% GDPR!

As we’ve seen above, GDPR and email are two very different things. The GDPR acts to protect user information, and email is a communication channel that potentially uses such data. One thing’s for sure, marketers must make sure they’re GDPR compliant when selecting the dissemination list for their email campaigns.

How do you communicate company news by email, while being visible and without being intrusive?

Using collaborative emails is a good option as the business or partnership relationship is already established between sender and recipient. The most relevant communication space is the email signature. It’s conveyed by the employee, a true brand ambassador. A unified email signature with the company colours reinforces the company’s brand image.

With an email signature management tool like Boost My Mail, a single administrator can create and disseminate the same email signature template to all their employees. The personalised email signature with the employee’s professional contact details includes several clickable buttons/features enabling easy company self-promotion:
– The company logo, link to the website,
– Social network buttons, getting recipients to follow the company’s adventures on social networks,
– A news banner, providing elegant support to the email signature and links to value-added content (white paper to download, event, advice, etc.).

signature email

Hence, each employee email helps ensure the company’s marketing actions’ visibility. The solution is GDPR compliant; it’s hosted by Azure Services while data is hosted in France and Northern Europe.
– Employee information is only used to display the personalised email signature on each employee email.
– Employer email privacy is respected. Emails are never stored on servers, and there’s no risk of that changing!
– Statistics resulting from your email campaigns are totally GDPR. They give each campaign’s click volume 🙏

So it’s easy for a solution like Boost My Mail to comply with the GDPR as it only disseminated data that’s transmitted to it without exploiting it. As a relay, Boost My Mail displays signatures and campaigns on employee emails. An email signature management tool like Boost My Mail enables you to communicate in places you never thought possible.

You now know how to make everyday emails more of a marketing tool while complying with the GDPR!