Consequences of GDPR for bloggers and how to comply with that privacy regulation has been a hot topic since the GDPR went into effect on may 25, 2018.
The General Data Protection Regulation, better known by its acronym of GDPR, is possibly the most important change in data privacy regulations for at least a decade. The GDPR is a lengthy document that involves many different areas of data processing. You can read the entire regulation here. GDPR compliance for bloggers is an important subject, but not everyone knows how to comply or the exact steps to take. This post will show you how to have GDPR compliant consent form templates. You will also see a discussion on GDPR email consent examples and images for GDPR opt-in email examples.
However, when it comes to blogging and online communities, GDPR almost strictly comes into play when it comes to collecting data from your website visitors for email marketing purposes. Since GDPR’s implementation, many articles, videos, and posts came out about GDPR for bloggers and how to comply.
However, not many of those posts and articles actually show you how bloggers can comply with GDPR when it comes to data collection, consent, and email marketing. Continue reading this post because you’re not only gonna read about how to comply with GDPR as a blogger, but you’ll actually see examples in a form of photos and videos.
This is a lengthy and actionable post, so bookmark or pin this to be able to come back to it if you need to.
The main areas of GDPR that bloggers and online entrepreneurs need to be concerned about are related to data collection, data use, and email marketing.
Most importantly, you need to state your terms clearly, get express and clear consent before you can add anyone living in the European Union to your email list.
If you want to know what type of policies you should have in place, and what disclosures to make, read my post on how to blog legally.
Generally speaking, as bloggers and online entrepreneurs, you collect a certain amount and type of data from your visitors. This data can be a name, email address, phone number, geographic location, computer system, etc.
Some of this information gets collected by cookies. The other part you collect manually by having your visitors enter this information.
In the case of information collected by cookies, GDPR requires that your visitors must consent to have the cookies collected, and they also must have an opt-out option.
In the case of manual data collection entered by your visitors, they must consent to be included in your email list, regardless of whether you have their email addresses or not.
Cookies are a very small file that gets downloaded when a person visits your website. It can store snippets of information such as geolocation, computer system, visiting website, analytical data, third party data, etc.
Cookies are separated into two parts: essential cookies and non-essential cookies.
Prior to GDPR enforcement, you just had to tell people that your blog/website was using cookies. Generally speaking, people weren’t given the option of agreeing or opting-out.
However, post-GDPR, websites are required to not only give the notice that your website is using cookies but also to give the people an option to accept or not.
This means that information does not get stored in the cookie until the user accepts it.
In order for bloggers and online entrepreneurs to comply with GDPR, it’s important to remember that the key is to give choice to your visitor. A choice to agree or not, a choice to be on your email list or not. You cannot assume consent or dictate it by having certain fields be pre-filled.
Steps that bloggers and online entrepreneurs can take to comply with GDPR when building the email list
Email list building is one of the areas that was impacted by GDPR. A popular and successful method of email list building became offering a free resource for people who want that resource and when they opt-in, they get added to your email list. Pin This ↓
When they would click on this resource, they had to enter their email address in order to get it. This email address would automatically be added to the email list of the blogger or online entrepreneur.
However, under GDPR, you can no longer add anyone to your email list unless they specifically, unambiguously, and expressly consent to be on your email list.
So what does this mean for bloggers? What can you do as a blogger or online entrepreneur to grow your email list, yet remain compliant?
Here are some steps you can take to make sure you’re not breaking any laws:
- Ask for express consent;
- Convince/sell on giving express consent; or
- Revert back to the old days of asking people to join your newsletter.
Ask for express consent to add people to your list
Once the GDPR went into effect, we bloggers started having a hard time building our email lists as before because now we couldn’t automatically add visitors to our email list if they opted-in to receive a free resource like freebies or lead magnets.
To stay compliant with GDPR regulations, as a blogger you have to ask/receive for express consent before you can add anyone to your email list.
This can be done by including a consent checkbox, a dropdown option, or radio buttons on your opt-in forms.
However, I would urge you to be cautious when using a checkbox. Many lead forms and lead collecting forms have an option fo adding a checkbox, but it’s a mandatory checkbox.
This means that if a reader does not check the checkbox, they can’t move forward. So if you were offering a freebie, and your reader wanted to get that freebie, the form would not let this reader move forward until they checked the checkbox.
This, however, is not compliant with GDPR rules. The consent that you get must be voluntary, unambiguous, and express. A consent that you get by essentially forcing your readers to give to move forward is not
I recently ended up on a certain website. There was a popup that opened up offering a freebie growing a YouTube audience. This interested me, and I wanted to get the freebie. I filled out my name and email. However, there was a checkbox that said something along the lines of “by checking this box, you’re giving me permission to send marketing and promotional emails.”
Well, I didn’t want to receive e-mails. I just wanted the freebie, so I decided to leave the box blank. I tried to submit my information. Except, it wouldn’t let me submit unless I checked the box.
Do you see the problem here? If I don’t check it, I am not getting the freebie. If I do check it though, it’s not proper consent for her to add me to her email list because my consent was forced, it wasn’t voluntary.
As bloggers, you have to be careful to comply with legal requirements for blogging, as well as GDPR rules. You must get explicit and voluntary consent before you can add anyone to your email list.
As I discussed above, having a checkbox for the consent doesn’t always work, because most of the time bloggers either don’t realize or don’t know that they’re making consent to the checkbox mandatory in order to move forward.
For this reason, drop-down boxes and radio buttons are a better option for getting consent on the opt-in forms.
As bloggers, you should realize that your freebies have to be provided to your readers when they sign up for it regardless of whether they give consent for future marketing and promotional emails.
This means that the way you set up your opt-ins and lead generation forms are important. You have to make giving consent optional. This means that your reader must be able to get the freebie from you without giving consent.
This step is best done with a drop-down option question, which allows the reader to either agree to give consent or not. Moreover, if you make answering this question optional, this means that your reader might not even answer the consent question and move forward.
Obviously, if they do this, then you do not have consent.
This means that your reader can either give consent or not, depending on which option they will choose from the drop-down. Moreover, if you don’t make the drop-down required, then they might even completely skip it.
If they skip it, and you don’t have their express consent, this means they cannot be part of your email list unless you convince them otherwise.
Convince your visitors to give you consent
Getting consent for GDPR purposes on the opt-in form itself is not the only chance you have for convincing someone to be on your email list or give consent to receive marketing and promotional content from you.
You have a few other opportunities to convince your readers to give consent.
“Sandwich” Landing page is an alternative method for getting consent
One such opportunity is gonna be on what I call a “sandwich” landing page. When your reader opts-in to get a freebie but does not consent to be on your email list, then they get sent to your thank you page after they entered their email. On this “Thank You” page you’re either gonna let them download the material, or you’re telling them that you’ll send the freebie over email.
Now what you can do is to create one additional landing page before your “thank you” page. I call this method, “selling your reader on giving consent”. This additional landing page that is immediately between the optin and the “
On this page, you might outline some key benefits of being on your email list, the types of content you send out, and the type of information you generally provide.
The sole purpose of this page is to sell your reader on the idea of giving consent because being on your email list is gonna benefit them.
You can have a link or a button that they can click on if they agree to be on your email list. In your Email Service Provider (ESP) you can designate a tag of GDPR_Consent, so when people agree to be on your email list and click on the button or link, your ESP automatically tags them as GDPR_Consent.
Don’t forget to have another link or button on that landing page where again you’re telling your readers that if they don’t want to be on your email list, then click on that link. This link would ideally take them to the “Thank You” page where they can get their freebie or get it in their inbox.
Use your freebie delivery email and your follow-up as an opportunity to convince your reader to give consent
One thing I want to note
However, make sure that you also tag the people who don’t give consent, so you don’t send them any emails aside from delivering the freebie and follow-up email.
These emails that you’re allowed to send are another way that you can try to convince your readers to join your email list. In the email that is delivering the freebie, you can outline a few important points about how much value you provide to your email list members, and how you love to send helpful content to help their businesses grow.
Then just like before, include a link for them to click on if they give consent to be in your email list. Track this link, and assign a tag as GDPR_Consent or whatever tag or custom field you designated to indicate that consent was given. If your reader does not give consent, then at this point the best and safest course of action will be to deliver the freebie, follow up, then delete the contact permanently. You don’t want to send them emails accidentally.
If all else fails, you can always go back to the way things were before.
Accepted practice was to ask people to subscribe to your email list to get updates and new emails from you. This worked well in the beginning. However, as the market became saturated, people started using the lead magnet or freebie technique to attract readers to their email list.
Asking someone to sign up for your newsletter, and them doing so is compliant with GDPR laws.
This is because you’re not adding them to your email list without their knowledge or consent. You’re asking them to join your newsletter, which is already the consent part straight away. Once they sign up, that means they consented, and therefore, you don’t need to worry about other requirements as far as GDPR is concerned anymore.
Is double opt-in necessary for complying with
GDPR as bloggers?
Many bloggers and online personalities have mixed feelings about double opt-ins. To make sure that everyone is on the same page, double opt-in is when someone opts into your email list or wants to get a freebie, you tell them to check their email. Then you go ahead and send an email, where you ask them to confirm their email by clicking on a link or button.
Double opt-in a good practice for having a clean email list. This will help you avoid having spam accounts in your email list. If used correctly, double opt-in is also a good way to comply with GDPR laws.
However, that’s where most people go wrong. By just having a double opt-in does not make your website or your data collection process GDPR compliant.
Here is an example of how most people use double opt-in. This is not compliant!
In the scenario laid out in the infographic, your European Union (EU) reader did not give you consent if you asked for it, or you didn’t even ask for it.
Note: If you did ask for consent, and your reader gave it to you explicitly, and voluntarily, then that double opt-in is compliant. This particular case is about when there is no consent.
Basically, after your EU reader does not consent, and just wants the freebie you were offering, you still make them click confirm (this means they are a confirmed member of your email list) in order to get the free resource they opted in for.
This is not GDPR compliant because you’re forcing them to click confirm to get the freebie. To comply with GDPR as a blogger, you have to provide free access to the freebie whether or not they want to be on your list.
You can’t make your readers consent in order to get the freebie.
Double opt-in can work beautifully and comply with GDPR if you use it as a method for asking consent after you give your readers access to your freebie. This can be part of your persuasion in the email itself for your readers to give you consent to be on your email list.
Throughout this post, you saw different methods for complying with GDPR as a blogger. More often than not, bloggers know that they’re supposed to be compliant with GDPR rules, and they might even know what it means, but they don’t know how to get it done.
GDPR for bloggers is an important change in regulations and it affects certain important parts of blogging practices, information collection, and websites.