GDPR is a Regulation, not a Directive, it has binding legal enforcement that will be immediately enforceable as law on 25 May 2018.
GDPR will affect every company that uses personal data. If you collect email addresses and send emails to subscribers within the EU, you’ll have to comply with GDPR.
GDPR touches on several aspects of email marketing, especially how businesses seek, collect and record consent.
With GDPR, businesses will only be allowed to send emails to people who’ve opted-in to receive email communication; GDPR further specifies the nature of consent that’s required for commercial communication. Starting in May 2018, businesses will have to collect affirmative consent that is “freely given, specific, informed and unambiguous” to be compliant with GDPR.
GDPR (clarifies) that an affirmative action signalling consent may include a checking a box on a website, ‘silence, pre-ticked boxed or inactivity’ is not adequate consent.
In addition, the sign-up process must inform subscribers about the business that’s collecting the consent and provide information about the purposes of collecting personal data.
GDPR clearly demands that the recipient is provided with adequate information on how their data will be used. If a recipient is intended to be profiled to determine what offers they receive, a business must tell its customers that is how it intends to use the data, giving the recipient the opportunity to object.
The GDPR not only sets the rules for how to collect consent, but also requires companies to keep record of these consents.
All businesses will be required to store consent forms. All forms will have to be present if requested.
Delta Membrane Systems Limited has already started complying with the GDPR Regulation and over the next few months we will be reviewing how we manage, protect and administer our customer data to ensure we are fully GDPR compliant.
Please do not hesitate to talk to any member of our staff with regard to GDPR Regulations and how we adhere to the same.