With GDPR (the General Data Protection Regulation) coming into force on 25 May this year, companies hopefully have already finished their preparations for life under the new legislation.
One of the final pieces businesses needed to put in place was to update their service terms and send out emails informing recipients of those updates. And we bet you too received a whole load of these emails, right? Itâs amazing how many companies have your data, isnât itâŠ
Ironically, these unrequested GDPR-related emails are an example of what we are going to talk about in this article: cold emailing, and how the new legislation affects it.
Cold emails are one of the main activities outbound call centers focus on. In previous articles, we talked about how call centers can prepare for the new rules and whether it is still permitted to initiate cold calls now that GDPR is in force. In this last part of our GDPR guide, weâll take things further by discussing what GDPR means for telemarketing, and specifically for cold emailing.
As the legislation is now officially in force, thereâs no longer any excuse for your business to act recklessly. If you want to continue to use email campaigns as part of your telemarketing strategy, itâs time to check out our pro tips!
Be aware of what âpersonal dataâ is
Letâs get straight to the point: although many people think GDPR has put an end to telemarketing, itâs actually still possible to send cold emails with this new legislation in force. However, not surprisingly, the rules of the game have changed significantly.
Thereâs no doubt that, if you wish to continue your telemarketing email campaigns, you will need to act in accordance with GDPR. Otherwise, your business may face fines of up to â¬20 million or 4% of annual turnover.
In terms of sending cold emails in a GDPR-compliant way, you will first need to be clear about what âpersonal dataâ is. As mentioned in a previous article, the term covers personal information such as names, home addresses, phone numbers and email addresses.
Bearing this in mind, you will also need to be both aware of and have a comprehensive understanding of your data collection processes, and how they relate to (and are restricted by) GDPR. This is the first step youâll need to take before even considering sending out cold emails in the post-GDPR business world.
Rethinking your list-building processes
Itâs a common list-building practice for companies to identify potential clients online, search for their contact details, add them to email lists and finally contact them with a product/service offer.
With GDPR in force, however, youâll definitely need to rethink how you build your email lists – uploading random addresses to your email database is now a gamble thatâs not worth taking.
As for bought email lists, you can continue to rely on them, but it is your responsibility to ensure your lists are 100% compliant with the new legislation.
Bear in mind that GDPR is not only about what data you can use, but also about how you can use it. Therefore, understanding why someoneâs email address is on your list and how you obtained it should be high on your list of priorities.
Whether youâre collecting data yourself or buying lists, youâll always need to keep track of how and why youâre storing and processing the data they include. In particular, GDPR specifies that you can only store and process data that is 100% required to provide your service to its full extent, and only for as short as needed. So, if youâre thinking in the long term, regular cleansing and maintaining of your email database is an absolute must.
Be prepared to know as much as you can about your email lists, as chances are youâll receive âwhere did you get my email address from?â inquiries. Itâs also essential for you to prepare informative replies to such questions in advance, explaining how and why you obtained particular customer data.
To summarize, having a transparent process of storing and processing personal data, and being able to provide information about this process in detail, is an essential step in complying with GDPR.
Clear consent vs. legitimate interest
In order to contact prospects in accordance with GDPR, you either need to receive clear consent from them or have a legitimate business interest when reaching out to them. Both of these options have already been discussed in detail in our previous article about GDPR and telesales, so weâre not going to talk about them in depth here.
These options can be considered the basis for sending cold emails in the post-GDPR world. Of course, if you have clear consent from customers to call them then there is not an issue, but what about new prospects? Can you have their consent if youâve never been in touch before? Probably not.
Luckily, in such cases, you can outsmart GDPR by leveraging the option of legitimate interest. As outlined in the legislation, as long as you can claim you have a legitimate business interest in contacting customers, and itâs not overridden by your customersâ decision to not be contacted, youâre allowed to send them cold emails.
Ensure your emails are targeted and appropriate
Since itâs fairly difficult (if not impossible) to gain new prospectsâ clear consent before contacting them, we assume the option of legitimate interest is already your best friend in the post-GDPR world.
Itâs not that simple, however. As GDPR protects the personal data and privacy of individuals, if you base your email campaigns on the basis of legitimate interest, youâll need to make sure your customers are likely to benefit from those business-related cold emails.
Legitimate interest is, in fact, one of 6 criteria youâll need to meet in order to be able to store and process customer data, but using it as a reason for contacting prospects is only legal if your interest is not overridden by prospectsâ privacy rights.
Therefore, your campaign targeting has to be as tailored and relevant as possible: you cannot simply just send out unrequested cold emails to random email addresses. Instead, youâll need to focus on reaching audiences that are genuinely interested in your products or services.
In practice this means that telemarketing departments will need to be able to justify that their cold emails target potential customers who are truly interested in their products or services. Furthermore, you will need to make sure you personalize your emails to the recipient, and also identify the physical email address of the sender.
If you want to contact your prospects in a GDPR-compliant way, youâll need to have a strong reason to do so, and make sure to explain your legitimate interest to them in your email copy.
Opt-in vs. opt-out
With GDPR in force, customer consent needs to be obtained, normally via opt-in boxes to be ticked. Indeed, the clearest way to obtain consent is to ask customers to tick an opt-in box confirming they are happy to receive your cold emails.
However, bear in mind that pre-checked opt-ins are no longer considered clear consent given by customers. Like it or not, if an individual doesnât say a clear âyesâ, it means ânoâ.
Our advice here is to use double opt-ins, as they mean your prospects will have to confirm their email address before being added to your email list. Using double opt-ins in telemarketing is, in our opinion, the best way to ensure compliance with GDPR.
Once you received your customersâ consent, youâll also need to provide them with a clear and easy opt-out option. Donât forget that GDPR also states that customers can withdraw their consent at any time, and of course this applies to cold emails as well.
Whenever you send out your cold emails, make sure to insert an obvious opt-out box at the bottom of your email. Considering the consequences of breaching the new legislation, itâs better to play it safe, isnât it?
Articles and entries on vcc.live/blog do not constitute legal advice. Should you have any legal questions, please contact your lawyer or legal advisor. VCC Live® will not take any responsibility or liability for any damages, disadvantages or losses that may arise from the results of any interpretation of the contents of the blog.
Read our practical GDPR GUIDE for contact centers for all the information you need to know about the regulation!