Here are nine top GDPR tips to help you with your email marketing strategies:

The second birthday of GDPR is fast approaching but the dust has yet to settle. There are many questions and concerns that remain, which can destabilize a data landscape where modern industries need to navigate with caution.

This is true for email marketers more than any other profession, as they are the most complained about by data protection authorities in Europe.

Because GDPR changes how organisations can use data, especially the third-party data that email marketers use in order to target potential and existing customers. Over 100 GDPR-related fines were issued, stemming around 60,000 complaints to the European Commission. The ICO’s decision during the economic downturn to relax enforcement is perhaps the most striking example of how difficult GDPR can be.

Businesses must follow best-practices guidelines regarding the use of data and marketing to avoid costly fines. This is not an easy task.

Customer consent is the main concern. GDPR makes organisations responsible for data they store and use. This requires them to have strong reasons for using data. This data processing must be necessary in order to achieve the purpose. However, the rights of the data subject are not violated.

Although there are many ways to satisfy the legitimate interest clause, you can often rely on the individual’s explicit and informed consent. Many companies used to rely on small and obscure check boxes that were ticked automatically in order to get customers’ consent. However, GDPR requires companies to explain clearly and concisely why and how data will be used.

Many marketing departments worry that customers will not choose whether they wish to receive newsletters or other marketing materials. Skip Fidura is the Chair of the Responsible Marketing Committee of the Digital Marketing Association and believes that marketers have the opportunity to make use of GDPR.

We talked to him about his top tips for email marketers who want GDPR to be successful.

1) Don’t panic!

Fidura states that the GDPR isn’t an apocalyptic catastrophe that many believe it to be. He argues that it should not have any impact on how marketers conduct business if they are doing their job properly.

Email marketers have been discussing and using the GDPR as best practice for many years. Fidura explains that consent is about being transparent, open, and honest. You can use the GDPR language but it boils down to being honest, transparent, and open to receiving it.”

2) Do not re-permit your lists. Instead, refine them.

Many marketing departments have tried to re-obtain consent for their marketing lists to continue to send messages. However, Fidura says this is a wasteful effort. He notes that the myth surrounding GDPR was that consent is all we could market. Therefore, if I don’t have GDPR level consent, I need to get it.

He says that brands have taken a step back to examine their data and worked out which customers they should approach to get new permissions and which ones they should remove from their lists.

3) Use best practices

This is in line with Fidura’s other top tip, which is to follow best practice. It is possible to reduce email lists if some recipients don’t engage for a certain period of time. This can be difficult, however.

“Marketers know that they need to be removing people from their lists. But when you tell finance people, “I just cut 25% of our email list”, the finance folks go, “What are you crazy?” He says. “So in reality, I believe that marketers have been able use GDPR in certain cases to do what they knew they should have done all along.”

4) Audit your data regularly

You can’t get rid of dead weight in your email lists if it isn’t there. Fidura recommends that companies regularly audit their data storage to make sure that they are aware of the exact state of their lists.

He states that data has a shelf life and data can get stale if it is left unattended for too long. Companies must be aware of the data’s usefulness for when they collect it. They should also regularly audit it based upon the data inflow and who is accessing it.

5) Continued compliance is important

Although many organisations were in a panic to prepare for GDPR, that doesn’t mean they have completed the work required to be compliant. Fidura points to the fact that GDPR is not a one-off deal. Although it is important to comply with regulations at the beginning, it is even more crucial to ensure that those standards are maintained over time. As we move forward from May 2018, the more companies will be relaxed. Soon, they will buy a new system and forget about their GDPR compliance.

Fidura states that “what they should think about moving forward is they need to recall the steps they took to achieve GDPR compliance; and the data audit they did.” They should consider the impact on the consumer of every new tool, channel or system they introduce online. They should conduct a privacy impact assessment, and document everything. GDPR implementation is just the beginning. GDPR is not going away.

6) Increase customer trust

Although GDPR may seem scary to marketers, it is actually a way for companies to develop deeper and more trusting relationships with customers. The Digital Marketing Association found that 62% of consumers would be more open to sharing their data if GDPR was explained to them. More than 85% also want more control over how their data is used.

Fidura states that consumers are more comfortable giving up their data if they know how it will be used. Marketers have a great opportunity to talk about GDPR and tell consumers about the rights they have, the implementation of the GDPR, and how to build trust. They must live up to it.

7) Be open about the data you require

Marketers need to be open with their customers about GDPR. Fidura also suggests that they must be honest with themselves. Marketing professionals should take the time to examine their data needs and the data they are collecting for vanity purposes.

“The DotMailer-branded socks are my favorite example. To determine how many socks to purchase, we could ask the person their shoe size. Do we as email marketing companies really need to know their shoe size? Fidura adds. “No, because we’re likely to buy a lot of larges, a few mediums, and a lot of smalls anyway.”

8) Take responsibility

GDPR’s fundamental principle is to make companies accountable for the data they have on customers. Fidura disagrees and says that companies should hold themselves accountable regardless of what, to rebuild customer trust.

“No matter what you do, if you make a mistake or violate the trust, you will be held responsible. He asks you to raise your hand and admit that you have made mistakes. “Too often corporations won’t say anything until they have all the facts. But by then they’ve lost their story.”

9) Don’t allow lawyers to write your privacy policies

GDPR doesn’t just mean that customers have to tick a box to indicate that they are happy to receive emails from you. One of the conditions is that you must provide specific details about how you use that information. This is similar to the often ignored terms and conditions agreements for software. It’s usually represented as a wall of legal text.

Rachel Aldighieri, DMA Managing Director, advises that privacy policies should not be left to lawyers or compliance teams. To write it, work with them and your creative teams as well as your communications teams. She cites examples from EasyJet, BBC, and other sources to show that privacy policies can be attractive and engaging when they are done well.