There are a number of reasons why you might need to do some email outreach. These include email marketing campaigns, PR, promoting recent works or asking for backlinks for SEO purposes. All of this can benefit your marketing strategy and ultimately your sales funnel and that’s why email outreach is such an integral part of many businesses marketing strategy.
But email outreach will require the use of personal data such as names and email addresses. As such, you need to make sure you’re remaining GDPR compliant at all times during your outreach and ensuring that you’re using the data in the correct way. We know that General Data Protection Regulations (GDPR) can be a minefield, but it’s one you must quickly learn to navigate if you hope to continue with your outreach and avoid facing a fine or legal action.
So whether you’re new to email outreach and GDPR or you simply don’t know how the two connect, let us help. In this guide we’ll look at six things you should know about email outreach and GDPR, so you can ensure you’re always working in line with the regulations.
- You must always ask for explicit consent
In order to collect the personal information of customers or users of your website, you must gain explicit consent. This means having an opt-in where they can share their information with you and consent to it being used for email marketing purposes. This is usually done by way of a sign-up form, though there are a few other options. But whatever you choose, you must make sure that the user has ticked the box that says they’re happy for you to store and use their data.
And you can’t use any underhand tactics to encourage them along. For example, pre-ticked boxes or confusing language that means they don’t actually realise they’ve consented to receiving emails from you in the future. Everything must be as simple as possible, with an easy option for them to opt-in or out of your email communications.
- You must keep record of everything
When asking for consent to collect and use their information for email marketing, it is a good idea to keep a record of everything. There are automated systems out there that can help to process this data for you, but it’s a good idea to record the date, time and webpage when a customer or user gave consent. This way, should you be challenged or faced with disciplinary action, you have the evidence to back you up.
- You must explain how the data will be used
As part of General Data Protection Regulations, you must have a statement somewhere on your site that explains to individuals how their data will be used. It is a good idea to give them a brief overview of how this will be used on your sign-up form and then give them the option to click through and read the full terms.
This statement should offer information on how you plan to store and use their data in the future. It’s also a good idea to touch upon how your company protects the personal data of its customers and also if you will be sharing this information with any third parties. If you plan to share their information with anyone you must have a very good reason for doing so. This is another thing you should outline in your overall GDPR statement.
- You must offer a way out
Under GDPR, every individual has the right to be forgotten so you need to make sure you have an opt-out option on your emails. It’s most effective to add an unsubscribe button to the bottom of all email communications so they can get out any time they want. Again, this must be clear and simple to understand, you can’t make them jump through hoops to get off your mailing list. A simple unsubscribe and confirmation that they will be removed from your mailing lists should suffice.
- You need to update your lists regularly
Following on from this, you need to make sure you’re updating your email lists regularly. If someone has unsubscribed you cannot continue to send them email communications, otherwise they have the right to take legal action. Similarly, under GDPR every individual has the right to request access to the information you hold on them and then ask for this to be deleted from your systems if they wish.
For this reason, you need to make sure you have a system in place for dealing with these access and deletion requests. If someone has asked that their data be removed from your database altogether, you need to make sure you update your lists and ensure their information is no longer included. Again, if you don’t do this and you continue to email them, you could face legal action.
- You must be cautious with cold emails
Some people thought that GDPR meant the end of cold emails, but that simply isn’t the case. Cold emails don’t apply when talking about email marketing because you must have explicit consent to contact a customer or user in this way, so what are we talking about when we discuss cold emails? Well, you might want to reach out to a company or journalist to share information of your latest work.
You might also want to ask for back links to your content as part of your SEO strategy. Often, you can find emails of journalists or other members of a business’ communications team on the internet and then reach out to them. While this is perfectly acceptable, it’s best not to store their email unless they explicitly say you can. You must also show a legitimate business reason for reaching out to them, for example, that you thought the work would be relevant to their customers or readers.
You cannot reach out to them as a sales pitch for personal reasons, you must ensure that if you’re sending out cold emails it is strictly business. And finally, if they ask you not to contact them again, make sure you don’t!