If you’re in the UK you’ve probably heard of the General Data Protection Regulations (GDPR).  This is the legislation that will replace the Data Protection Act on 25th May 2018.

The big issue for business people is that they need to be able to PROVE that any marketing emails they send out are being sent WITH PERMISSION of the recipient.

  • If someone has opted into your list to get the follow-up material for a training programme you once ran, that doesn’t mean they have given you permission to send them marketing information.
  • If you’ve met someone at a networking event or conference, that isn’t permission to market either.
  • If someone has given you their business card that implies they want you to get in touch – but not to send them your newsletter every month.
  • Even former clients don’t count as people who have given permission.

Even GDPR ‘experts’ disagree on what constitutes ‘permission’ and while the Information Commissioner’s Office (ICO) have 12 helpful steps, there are still a lot of grey areas.

Prove it!

Unless someone has gone through a double opt-in on one of the data-marketing platforms such as MailChimp, AWeber, ConstantContact, GetResponse or Infusionsoft (and there are many others) – you need a means of proving they have given you permission to send marketing information.

If you’ve uploaded a list from an exhibition you’ve attended – that’s not evidence!

If people have not unsubscribed from your newsletter – strictly speaking that’s not evidence either.

After 25th May you will need people to actively tick a box saying ‘I am happy to receive relevant marketing material’.  The alternative of ‘Tick here if you don’t want to receive marketing material’, isn’t good enough.

If someone has signed up to receive a free download – tips sheet or checklist or ebook – does that give you permission to send them marketing material?  Technically, unless when they signed up to the list there was a clear statement about what kind of communications they could expect.


Any data you hold – whether it’s just a name and email address or full customer records – must be deleted at some point, if it’s no longer in use. 

You will need a policy that states what data you keep and for how long.  Accounting information needs to be kept for 7 years (usually), but must be deleted after that.

If in doubt, notify your lists and ask them to re-subscribe.  You’ll lose a lot of subscribers this way, but the ones who do re-engage are the ones who are really interested, so you’ll get a much better response from your marketing emails.

What gets opt-in?

How do you persuade people to opt back into your list?  That’s easy, offer them what they want.

That’s not going to be marketing your products or services – but may well be valuable advice, access to special offers, free webinars or other items that they perceive to be of real value.

Like all good marketing – if you know your audience and give them what they want, you’ll sell more!