Legally Secure Newsletter Marketing: This Is what you Need to Know
Newsletter marketing continues to be one of the most effective tools for communicating with your customers and informing them about offers, promotions or general news about your business. This article discusses the legal requirements you have to comply with and what you should generally keep in mind when using newsletters.
Mandatory Information on Subscribing and Unsubscribing
A lot has happened regarding newsletters since the introduction of the General Data Protection Regulation (GDPR). To avoid fines you must observe these points on subscribing to and unsubscribing from newsletters:
Mandatory Fields for Registration
If you have integrated a form for newsletter registration on your website, only the email address may be a mandatory field. You can add other fields to the form, such as name, address, or phone number, but these must be optional for users. This means that users have the option of opting for anonymous registration with just their email address.
Checkbox for Privacy Policy and Terms and Conditions
A checkbox must always be added to your newsletter registration form where the user is informed about your privacy policy. It must contain a link to your privacy policy and must not be preselected. This means users must actively confirm that they have read and accept the privacy policy. Your privacy policy should of course also contain the following information:
- What personal data is collected via the newsletter?
- Why is the data collected?
- How is the data collected?
- Which software is used for sending the newsletter?
If you use external newsletter software, users must be informed of this in the terms and conditions. This means you need an integrated reference to the terms and conditions in addition to the privacy policy. Both the checkbox for the privacy policy and the terms and conditions must be a mandatory field - this means that users cannot register if they have not confirmed their acceptance.
Newsletter Consent with Double Opt-in Procedure
You may only send users your newsletter, if they have confirmed their registration via the so-called double opt-in procedure. That means: You must ensure that each user receives an email with a link after registration (whether they did so directly via the newsletter form or through another source) through which they can confirm the subscription to your newsletter. Only after the user has confirmed the registration by clicking on the link can they be included in your mailing list.
Unsubscribe Link
According to the GDPR, the recipients of your newsletter have the right to unsubscribe from it and thereby revoke their consent to receive it. The easiest way to implement this option is to use an unsubscribe link integrated into the newsletter.
Deletion of the Data
If someone unsubscribes from the newsletter, personal data such as name, address, date of birth and so on must be deleted. The email address can continue to be stored in compliance with the GDPR, but you may no longer contact the person. If the user requests deletion of all stored data in addition to unsubscribing from the newsletter, you must also delete the email address.
Information on Newsletter Content
In addition to the mandatory information listed above in the forms, potential newsletter recipients need information when they register about the content of your newsletter and the frequency with which it will appear. The details about your newsletter should therefore contain the following information:
- Content of the newsletter (sales offers, news, tips, competitions, etc.)
- Which channels are included in the newsletter (own online shop and/or website/blog, social networks, etc.)
- Who is sending the newsletter
- How often the newsletter is sent
- How to unsubscribe from the newsletter
Types of newsletters
If you offer different types of newsletters (for example: newsletters with sales campaigns or on specific product groups, social media newsletters, news updates, etc.), you are also obliged to give users the opportunity to choose between the types. This works best with a checkbox – the content must not be preselected here either. That means user must actively click on their selection.
Newsletter Marketing Is Not the Same as Email Marketing!
It often sounds like “newsletter marketing” is basically just a synonym for “email marketing”, but that’s not the case. In fact, newsletters are just a part of email marketing, which includes many other areas such as: Automated emails (e.g. order confirmations, shipping confirmations or requests for reviews) or funnels. This difference is important because when someone signs up for your newsletter, they don’t automatically give permission to receive further emails.
Email Funnels
Many newsletter tools offer the possibility to create email funnels. Email funnels are a series of automated emails aimed at getting customers or prospects to take a specific action. This could be the (re)purchase of a product and/or service, registration for an event or talk or writing a review (e.g. Google or in the online shop). A good email funnel works according to predefined parameters (e.g. interests) that users have selected when purchasing, making a contact request or even registering for a newsletter.
If you want to use a funnel in addition to your newsletter, you must first define such parameters (for example: already customers, areas of interest, etc.) and give users the opportunity to actively select these parameters when registering. Here, too, the following applies again: Users must be able to provide information via checkboxes that have to be actively clicked. In addition, the content of the funnels must be stored in the registration details if they deviate from the regular newsletter content, and the frequency with which your newsletter appears must be adjusted accordingly.
Free Checkbox in Contact Forms and in the Sales Process
Many service providers offer interested parties and customers a contact form and also integrate the option of subscribing to the newsletter there. Although this is legally permitted, the checkbox must not be preselected. That means users have to actively click on it. The same also applies if you integrate a newsletter registration into your ordering process (e.g. in the order confirmation in the shopping cart).
Regardless of whether you integrate registration in the contact form or the ordering process: You also need a mandatory checkboxes there for the user to consent to the privacy policy and the terms and conditions in order to be GDPR-compliant.
Beware of Legal Violations
In addition to data protection, compliance with copyright, competition law and personal rights is also important for a legally compliant newsletter. Just as with your website and/or your online shop, these must also be taken into account in the newsletter.
Copyright
If you use images in your newsletter, make sure that you either own the license rights or have the written consent of the creator. This also applies to product images - if you use images of products that you did not create yourself, always get written permission from the manufacturer before using them.
Keep in mind: In addition to images, texts can also be protected by copyright. This applies to product descriptions (if you sell products from other manufacturers), but also if you include external articles in your newsletter, for example. Be sure to get the manufacturer’s permission to use product descriptions and always name the source when copying third-party text passages and make it clear that it is a quote.
Personal Rights
You can also present your company in more detail in your newsletter and, for example, include pictures from the last company event or introduce new employees. But you should first obtain written consent from all persons depicted in the pictures.
Greater Security for Newsletter Dispatch with Professional Indemnity
As you can already see, there are a few things to consider to ensure your newsletter doesn’t lead to fines. However, since regulations are constantly changing, especially in the area of the GDPR - and everyone makes mistakes - it’s not always possible to be 100 percent secure. With Professional Indemnity Insurance from exali, you’re insured against fines for legal violations as well as data protection violations. In the event of a claim, the insurer checks at its own expense whether a claim is justified, pays justified claims and fends off unjustified claims on your behalf.
Online Editor
Daniela has been working in the areas of (online) editing, social media and online marketing since 2008. At exali, she is particularly concerned with the following topics: Risks through digital platforms and social media, cyber dangers for freelancers and IT risk coverage.
In addition to her work as an online editor at exali, she works as a freelance editor and therefore knows the challenges of self-employment from her own experience.