The new 2018 general data protection regulation (GDPR) hasn’t even come into effect yet, and already the ICO (Information Commissioner’s Office) is making headlines for cracking down on misuse of customer data. As the new legislation is more stringent than the existing one across the board, we can expect to see more and larger fines for companies which misuse customer data. This has the potential to really damage email and online marketing, particularly for small and medium size companies who can’t afford an in-house specialist and therefore don’t know what is and isn’t safe. These companies may either do nothing, and lose out on market share, or do the wrong thing and be fined.
The email that cost FlyBe £70,000
In August 2016, FlyBe sent over 3.3 million customers an email titled ‘Are your details correct?’ this email was in breach of the existing data protection legislation as it was sending marketing material to people who had specifically opted out of receiving said material by email. Somewhat ironically, it has been argued that the email FlyBe were fined for was an attempt by them to update their database and ensure that future emails were in compliance.
Lesson learned: don’t email people who don’t want to be emailed
It’s easy to understand why people who had opted out of FlyBe’s email lists were annoyed to receive the email, yet it’s also easy to understand why it was sent. However, this ruling has reinforced the message: don’t email people who don’t want to be emailed.
Don’t email people who haven’t said yes, they do want to be emailed
Around the same time as FlyBe were making their expensive mistake, Honda sent a similarly titled email (‘Would you like to hear from Honda?’) to almost 290,000 users. This was sent to people for whom they had neither opt in or opt out information as a ‘service message’. However, the ICO informed them that they considered this to be marketing material, and issued a £13,000 fine.
You could just delete the lot
It’s controversial, but if your mailing list has been badly managed at some point, so you’re not confident that you’ll only be emailing people who have opted in, or isn’t generating a lot of revenue you could delete the lot. Wetherspoons have done exactly that. In June, the company sent subscribers a message informing them that their monthly newsletter would stop and all email addresses would be securely deleted. This doesn’t mean wiping out all your customer information – you can still keep sending order updates and so on – but it’s an effective, albeit extreme, way of dealing with dirty database.
Do I really need to send marketing emails?
This is a question online marketing teams across the company are asking. For many brands, Facebook, Twitter and other social media have overtaken direct emails as the best way to contact their customers, and they have the definite advantage that user data is handled by a third party – by Facebook, Twitter, etc – reducing the number of worries you have. If you have real concerns about the quality of your marketing data, then deleting everything and starting from scratch may be the only way to clean it thoroughly.
I do really need to send marketing emails
Social media isn’t appropriate or effective for all markets, so how do you safely send marketing emails? Stay informed about developments as the GDPR comes into play next year and for now learn the lessons you can from the big companies that have blazed an expensive trail ahead of us: make sure you have a clear and explicit ‘opt-in’ option; don’t email anyone who has opted out; don’t email anyone who hasn’t opted in; and be very careful about sending direct marketing disguised as service emails.