GDPR and E-mail marketing ?

GDPR, a direct impact on monetization and exploitation of client files


The abbreviated General Data Protection Act (GDPR) is shaking up the digital landscape by introducing new regulations on the protection and security of personal data.

This new legislation impacts data at all levels: Collection, processing, storage and updating of data.

People working in email marketing and those whose business model is based in part on the exploitation of email or SMS databases are the first concerned by the GDPR because the impact on their marketing strategies is huge!

Obtaining consent is at the heart of this new regulation and collecting addresses properly through an opt-in process is no longer sufficient. Finally, in addition to obtaining consent, an approach must also be in place to maintain consent.

The GDPR will come into effect on May 25, 2018 and many companies are not ready yet! As an actor guarantor of the quality of your databases, CaptainVerify helps you in the implementation of the GDPR compliance of your structure. Follow the guide!

The GDPR invites itself into your marketing campaigns as soon as you collect your address


Many business sectors have had to revise their strategy following changes in legislation and today it is the turn of email-marketers or SMS-marketers because the rules governing the collection and exploitation data hardened.

According to GDPR 4.11, consent must be "free, specific, informed and unambiguous".

Do not even imagine collecting email addresses through a passive opt-in process. The passive opt-in is to tick by default the box which indicates that the user accepts to receive your communications, even those of your partners. Not recommended by the ITA and Privacy Shield for several years, The passive opt-in is now prohibited because prohibited under the new regulation on data protection.

The notion of proof is also essential, hence the interest of setting up the double opt-in on your site. By sending an email validation consent, you can in case of control prove that you have obtained the consent of the recipient. Attention, the ITA and Privacy Shield specifies that the proof of the consent requires 3 elements:

  • what the person has consented to
  • the moment she agreed
  • who has consented

Ensure that your contractors as CaptainVerify incorporate the concept of double opt-in in their anti-spam policy and their general conditions of use, otherwise your efforts will be in vain and you will not be in full GDPR compliance.

At CaptainVerify, we integrated all the constraints imposed by the GDPR in the collection to help you deliver mailing lists checked and cleaned that are also compliant GDPR.

Finally, when collecting addresses or phone numbers, be sure to consider the following:

  • Inform methods by which recipients can request to modify or delete the data you hold.
  • Business email is now considered personal data, impossible to circumvent the law even in a BtoB-only collection context.
  • Do not consider that your opt-in base acquired in recent years is GDPR compliant, that's wrong! It is necessary to requalify it with the standards in force on May 25, 2018.

Should we translate GDPR to Dollars?


If the GDPR is shaking up habits and business, rest assured, you will still be able to use your databases for advertising purposes as long as you respect the new rules.

Have your current database audited

An important point to know:

The GDPR does not only apply to data collected after its implementation on May 25, 2018, but also to data collected before!

A world leader in the cleaning and database verification CaptainVerify is well placed to tell you that the first thing to do to continue to generate turnover via email or SMS mailing campaigns is capitalize on the existing by aligning your current bases in order to:

  • Eliminate inactive contacts
  • Take stock of the data you have (do you have geographic or socio-demographic information?)
  • Have you kept evidence of their consent?

Check the origin of the collected addresses / phone numbers

As part of the GDPR, you should check if you have kept track of where your contacts came from. Do they come from an opt-in base collected via a form on your website? Are they from a coregistration partnership? You must be able to know and prove how the contact has arrived in your database.

Collection and use of data, make room for transparency!

If cookie warning banners have already set the tone many years ago, you need to continue in this direction and communicate in a way that is transparent and understandable to the user as to how you collect the data. and how you use them.

Review your privacy pages to expand, simplify and especially make GDPR compliant. Detail all of the following:

  • Collection mode
  • Storage mode
  • Using
  • Data transfer

For all your next marketing campaigns, think GDPR!


Once you have been able to bring your bases and communication processes into compliance, you will not have to relax your efforts and it will be important to always check that your RGDP bases are compliant over time. Regular auditing, cleaning inactive contacts for more than 90 days, checking for ambiguous records, and renewing the consent request are all tasks that will need to be part of the routine of the Data Controller or CRM Manager.

Unsubscribers, unsubscriptions, optimized your CRM budget while being GDPR compliant!


If some email marketers skip the unsubscribe link that must appear on all communications sent via email, most respect this rule and for good reason! Keeping contacts who do not wish to receive your offers and communications is ultimately a waste of money since the routing services are often based on the volume of the database and the number of shipments. Capitalize on hot leads, you'll get better returns!

Through its platform, Captain Verify receives daily messages of feedback which attest to a better profitability of the emails or SMS shot after a verification or a basic cleaning. For that GDPR compliance can save you money.

The churn process must be clear and simple. The unsubscribe link must be visible. The unsubscribe link must allow:

  • Unsubscribe from this marketing communication
  • Unsubscribe from all marketing communications issued by your entity
  • Contact a return email address
To benefit from our expertise, all you have to do is register