Get a FREE Marketing Audit

A Quick & Easy Guide on GDPR Compliance for Marketing & Sales

A Quick & Easy Guide on GDPR Compliance for Marketing & Sales
Reading Time: 5 minutes

A Quick & Easy Guide on GDPR Compliance for Marketing & Sales

Throughout my career, my experience has been split pretty evenly down the sales/relationship development side and the marketing side. Both roles offer excitement and challenges. Although both teams are concerned with obtaining quality leads, when on the business development side, high-quality leads are even more crucial; they’re my bloodline.

At Uhuru, I’m a Business Results Specialist and, in this role, I help companies get more leads and be more productive, strategic, and successful.

When all the news was breaking out last year about the GDPR and the new regulations, I was following the updates from a marketing standpoint because I was in a marketing position. I felt reasonably comfortable with understanding the changes and, after I learned more, I felt that most of my fears were unsubstantiated.

Then, when I started with Uhuru, I had some new concerns about GDPR compliance. How would the recent changes affect my ability to secure high-quality leads? At Uhuru, we do things a little differently. If we’re hard-pressed to make sense of something, we seek to understand the question by becoming the source of information. In this post, I’m going to address the top 3 questions I had about the GDPR updates from a sales role.

Because there are tons of exhaustive articles written about GDPR compliance, I’m not going to spend time reviewing the changes. But, if you’re just catching up, read an overview here and here.

How do the Changes to GDPR Affect Lead Capture?

The businesses that are most affected are those that capture leads online through a website or social media or any other online channel. If you operate more traditionally, your lead capture would also be affected if you attend trade shows or conferences, collect business cards and enter them into a system, be it manually or through a lead-capture system.

Before GDPR, you might have had an opt-in form on your website where visitors can subscribe to a newsletter or email updates. You might collect email addresses in exchange for other content such as eBooks or case studies.

It’s not that companies can no longer collect email addresses, but there are some rule changes you’ll need to follow:

No Pre-Checked Boxes

Email must be given freely. This means that pre-checked boxes along text such as “subscribe me to your newsletter” are out. You can have the text, but the box has to be checked by the visitor. Previously, the visitor had to uncheck the box. Slight difference, but the point is that the customer is actively giving consent to using their email.

By the way, there isn’t anything explicitly stated that you must use checkboxes at all. If you use a free form, that’s fine, because the visitor is choosing to enter their information. The bottom line is that you can’t just pre-select for people to subscribe.

Example of a simple newsletter signup with a checkbox:

Sample of simple newsletter signup with checkbox

Conference Email Collection

If you attend trade shows or conferences, you should rethink the “can I scan your badge” question. Instead, if you collect the business cards, follow-up with a “nice to meet you” email that clearly and easily lets the prospect opt-out and unsubscribe.

It’s not worth collecting cards randomly anyway. If a person came by your booth to get candy or get a card checked off so they can enter a giveaway, don’t even bother with trying to connect later when it was obvious they didn’t care about what you do in the first place.

As an added measure of non-annoyance, at Uhuru, we have a message that simply says “u can reply to unsub.” This way, we’re not making a prospect have to open links and enter emails and select preferences. If they reply with “unsubscribe,” we make it our work, not theirs.

Singular Use of the Email

This means that you can’t bundle together multiple types of communication. If there are several types of email your company will send, then the visitor must choose what information they want. For example, let’s say you’d use the email to send product updates, blogs, newsletters, and weekly tips. Each of these offers must have a blank box, and the visitor has to manually select what they want to receive. If they want all the content, great. But, if they only want newsletters, that has to remain a choice.

Clear and explicit explanations of the email usage. This means you have to provide an explanation of how the company will use the data. You should also include a link to your privacy policy.

Example of an email newsletter signup with multiple checkboxes:

Sample of email newsletter signup with multiple checkboxes

How Does GDPR Compliance Affect Email Marketing?

Email marketing isn’t going away. It’s just gaining greater transparency. Companies need to be much less haphazard about collecting and storing email addresses and also to have better communication with prospects. That communication strategy can be summarized with:

Opt-Ins must be used

We covered this above, but it can’t be overstated. Just make it an active decision for the prospect to engage.

Provide an explanation of how you intend to use the email
If a prospect agrees to provide an email, they’ll need to understand how it will be used. For example, are you tracking purchase behavior or content preferences? It’s okay to do so; the prospect just needs to understand. The usage has to be listed somewhere in your privacy statement so a person can opt out if desired.

Automatically adding contacts isn’t allowed without permission
If you use gated content to collect an email address, that’s perfectly fine. And it’s still within regulations to continue to send content. But, you just need to make that clear at the time the prospect gives their email. You’re probably starting to notice a pattern here—clarity is key, and you’ll need consent to continue communication.

Keep a record of consent
This is pretty straightforward. You’ll want to know when consent was given and how the visitor chose to consent. You’ll also want to demonstrate that the prospect has options to withdraw consent.

This record keeping applies to everyone, even existing customers. You might recall receiving lots of cleverly crafted emails about a year ago where contacts were given a chance to unsubscribe if they had decided they no longer wanted to receive email.

How Does GDPR Compliance Affect Outbound Leads?

The rules are relatively simple to follow and come down to the following:

  • Use increased transparency that visitors understand the permissions they’re given
  • Prospects must be able to remove themselves from lists
  • No selling of lists to third parties (unless the prospect has given permission)
  • Making the privacy policy easily understood and accessible

After taking some time to review GDPR as it relates to lead capture, my overall assessment was that the new rules were heightened versions of what was always considered best practice by companies that wanted to have active and interested participants in their outbound process. Besides, the GDPR compliance updates aren’t the only policies in place to protect prospects. Rules like CAN-SPAM, CSL, and other visibility rules have existed for years.

While some people thought the new GDPR compliance rules would spell the end for outbound sales, it really doesn’t seem that scary. At Uhuru, we’re not believers in traditional outbound tactics anyway. Our thought is that it doesn’t make sense to communicate with people who have no interest in what the company provides. Arm-twisting or sending repeated unsolicited emails is a waste of time and energy. If we contact someone and they respond with a “no thanks” or “unsubscribe,” we take it seriously and end our communications. Honestly, the contact is doing you a favor so you can focus attention elsewhere.

At Uhuru, we also operate differently from a sales approach. My colleagues and I are utilized in multiple ways that are advantageous to the company and our personal development. Because he and I have diverse, broad backgrounds, we’re also strategists, authors, content creators, and major participants and constructors of the entire lead-capture process. We’re not high-pressure closers “dialing for dollars.” And we wouldn’t recommend any company use those tactics.

Ultimately, the changes in GDPR compliance were welcomed by us because we all feel that greater transparency is a good thing.


Full Inbound Funnel hbspt.cta.load(468166, '653aa372-2183-4da5-8e35-1f8d342ec778', {});
Recent Blog Posts
Free Guide
How Fashion Ecommerce Should Do Content Marketing
The Ultimate Guide

Uhuru Investor Acquisition Resources

Sign up to get free investor acquisition articles straight to your inbox. Learn our proven systems that we use to increase website traffic, leads, and revenue.

Written by

Peter Lang

CEO, Co-founder

Free Guide

How to Build a Full Inbound Conversion Funnel

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat.

Leave a Reply

Your email address will not be published. Required fields are marked *

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.