Be the internal champion that drives meaningful change in your organisationStart here
We've now been covering the implications of the GDPR for marketers and their audiences since 2015 on Smart Insights with many articles contributed by guest experts specialising in privacy law for marketing.
Initially, there was a lot of speculation and it was difficult to provide practical examples since ultimately what businesses need to know is to how to update their forms for collecting email addresses and the copy explaining consent for communications in their privacy statement. As the Information Commissioners Office provided more guidance there were some simple sample examples provided in templates, but these didn't cover the range of situations where businesses in different sectors needed to implement them.
Today, as we fast approach the deadline, we can learn from the examples of larger companies who have implemented new forms and privacy notices. We don't know they are GDPR compliant in that they haven't been independtly assessed, but the examples we give here are large businesses who will have taken advice from specialist lawyers.
In this article, we don't explain the concepts of personal data, consent and legitimate interests, those are covered in our members guide and likely you are familiar with them already, so we'll concentrate on the examples. We will start with privacy statements and then look at forms and copy asking for consent.
Here are our examples of good practice
This example follows the structure of the GDPR and references features like 'legitimate interests'. We like it since it is clearly written for the end user, transparent about the data sources and use and clearly structured. However, it is long due to the importance of different types of data processing in insurance products.
Structure of AA privacy statement:
Under legitimate interests, it covers marketing communications specifically:
i) For direct marketing communications and related profiling to help us to offer you relevant products and services, including deciding whether or not to offer you certain products and service. We will send marketing to you by SMS, email, phone, post and social media and digital channels (for example, using Facebook Custom Audiences and Google Custom Match.
It's interesting that it specifically mentions the options available from Facebook and Google to enable uploading of customer lists to find lookalike audiences and for retargeting based on email address.
You will know that Facebook has a strong need to be transparent about its privacy. We have chosen this example for the structure, similar to the A, which explains privacy in an easy to understand way. It's very different from previous Data Protection Act notices from Facebook and others which were more legal in tone and near unintelligible.
Example A. Lead generation / lead magnet example form
This example follows the requirements of the law closely since it doesn't require you to opt-in to future communications in order to receive the offer. It shows you don't have to use a tickbox instead using a radio button. Tests referenced by Tim Watson in his well-worth-a-read post giving example GDPR consent forms shows that radio buttons can perform better than the more traditional opt-in tick-box.
Example B. B2B Email newsletter sign-up
While this example illustrates compliance well, it is arguable whether it is needed if you bundle additional resources or explain the range of communications will receive. The discussion on Tim's blog gives the example of his own opt-in at the foot of articles.
Example C. Retail.
This example also includes an affirmative action based on selecting a radio button. It also follows good practice since it has a compelling description of what's available. Not simply 'Receive marketing communications', but detailing the types of offers and coupons available. Retailers are in a strong position since they can offer these incentives.
Note that it can be argued under the Privacy and Electronic Communications Regulations that opt-in is achieved 'during course or negotiations for sale' and this an additional tick-box is unnecessary. For example, at the time of writing Amazon UK doesn't give a choice. It would be interesting if the Information Commissioner went after Amazon for failing to give this guidance.
Example D. Retail, part of a larger group
Since Tesco Grocery may want to share customer data with other parts of the group which are not for 'similar products and services' in the words of the PECR, Tesco asks for sign-in to the Tesco Group. It has pre-ticked the box, presumably on the basis that is during the course of negotiations for sale.
Example E. Publisher
This example is complex since the Economist wants to distinguish from signing up for the enewslettter and other communications. Both use a different implicit format to gain consent which isn't straightforward to understand since you have to opt-out in a different way. However, they are transparent about types of communications.
And that's our final example. I hope these have proved interesting and useful to benchmark against your approach. For further discussion do let us know on social media, especially our Facebook members' group.
By Dave Chaffey
Digital strategist Dr Dave Chaffey is co-founder and Content Director of Smart Insights. Dave is editor of the 100+ templates, ebooks and courses in the digital marketing resource library created by our team of 25+ Digital Marketing experts. Our resources are used by our Premium members in more than 100 countries to Plan, Manage and Optimize their digital marketing. Free members can access our sample templates here. Please connect on LinkedIn to receive updates or ask me a question. For my full profile and other social networks, see the Dave Chaffey profile page on Smart Insights. Dave is a keynote speaker, trainer and consultant who is author of 5 bestselling books on digital marketing including Digital Marketing Excellence and Digital Marketing: Strategy, Implementation and Practice. In 2004 he was recognised by the Chartered Institute of Marketing as one of 50 marketing ‘gurus’ worldwide who have helped shape the future of marketing.
Start the discussion on our community and social networks
Recommended Blog Posts
Popular Blog Posts
Statistics on consumer mobile usage and adoption to inform your mobile marketing strategy mobile site design and app development “Mobile to overtake fixed Internet access by 2014” was the huge headline summarising the bold prediction from 2008 by Mary Meeker, an …..
Our compilation of the latest social media statistics of consumer adoption and usage Social networks are now so well established, that there is a core ‘top 5’ social networks that don’t change much from year-to-year. But, as we’ll see in …..
Amazon’s business strategy, revenue model and culture of metrics: a history I’ve used Amazon as a case study in my books for nearly 20 years now since I think all types of businesses can learn from their digital business strategy. From startups …..