3 Step Solutions News and Updates

How To Create GDPR Compliant Opt-ins [+ Free Resource]

Wednesday, May 23, 2018

While 3 Step Solutions is compliant with the new GDPR regulation going into effect on May 25th, you are responsible for making sure your business is too, and the majority of ongoing regulations revolve around GDPR-compliant opt-ins.

What is GDPR & Why Does It Matter?

GDPR is the General Data Protection Regulation of the European Union.

It is the most important change in data privacy laws in over 20 years and defines how consumer data can be collected and used, and how it must be protected. It was enacted to protect individuals' rights and privacy with respect to their own personal data.

Without laws and regulations like the GDPR, it would be incredibly easy to share a consumer's personal information without their permission.

Everyone should have a right to know where and how their information is used. Their information should only be used the way they expect it to be, and the GDPR helps to prevent businesses from taking advantage of any potential loopholes.

Why Comply With GDPR?

Complying with the GDPR is not only the right thing to do for your contacts' data, it is also EU law. So whether you are an EU resident or not, if you have contact data from a resident of the European Union, you must comply.

When you comply you:
  • Protect the data of your contacts from breaches. 
  • Protect your business from data breaches. 
  • Avoid severe fines (getting caught being noncompliant can result in fines up to ~$24.6 million USD).
  • Present a trustworthy brand to your audience.

Why Do You Have To Worry About Changes When 3SS Already Complies?

It would be fantastic if all of the 3SS users could be compliant just because we are, but, unfortunately, it doesn't work that way. Each individual organization is responsible for complying with the GDPR regulation. 

But we can provide you with some tools to check that your current contact list is compliant and show you how to create a compliant opt-in form.

What Can You Do To Comply?

Send Out An Email To Opt-In

If you're a contact of 3SS, you may have noticed an email you received asking you to make sure you are receiving the emails you want to receive from us. Sending an email like this allows you to organize your current email list to adequately comply with GDPR before it goes into effect on May 25th.

This email and the corresponding landing page are available to you in the Shared Library; all you need to do is edit the links to correspond to your website! Just go to Newsletters in the Backoffice and "Browse Shared Emails," specifically searching for the "GDPR Compliance Newsletter." Make sure you also go to "Campaigns" and select "Browse Shared Campaigns," selecting "GDPR Compliance." You'll want to make sure you customize the email, campaign, and form to be about your brand and what pertains to your contacts.

Update Or Implement A Privacy Policy

One of the major points of GDPR is transparency on how data is used and stored. Having a clear and accessible privacy policy that informs your website visitors how collected data will be stored and used is integral to being compliant. 

If you currently have a privacy policy, it should just take a few simple tweaks to update it, but if you don't have a privacy policy, now is the time to create one! You don't need a lawyer to create one; there are a few services online you can use.

Once you have your privacy policy, you want to make sure it's accessible on every single page of your website. The easiest way to do this is to include a link to it in your website footer.

Always Asking for Consent

After you've updated your list's email preferences and privacy policy, the only thing you will need to worry about is making sure you are appropriately asking for and using your contacts' data. But what does this look like?

Previously, you could have someone join a month-long cleanse and, once the cleanse completed, start sending them other emails such as your newsletter or another campaign entirely. With GDPR, doing that is a big N-O.

Now, with GDPR, you can only use a contact's data in the way they explicitly gave you permission to, and without combining a few different actions. Using the example above, I would have to either only contact my new lead with things pertaining to that cleanse or add an additional opt-in for a monthly newsletter, like the example below:


Right before they submit the form, they are asked if they would like to receive my bi-monthly newsletter. I made this an explicit yes or no question instead of a checkbox so that no one can mistakenly join or think that in order to be a part of the cleanse they need to receive the newsletter.

Adding an additional question to your forms is the easiest way to have new leads subscribe to your newsletter or opt in to receiving additional information, but it's not the only way. You could also have a sandwich page, where before you deliver the new lead to your magnet, you send them to another page with a form asking if they would like to receive emails about another topic or subscribe to a newsletter.

If you already have people in a funnel that you want to join another campaign, include a link within your emails about joining the other campaign. For example, if I already have people in my cleanse and I think they would really benefit from receiving my bi-monthly newsletter, I could say "If you want to keep receiving helpful tips like how to cut sugar from your diet after this cleanse ends, subscribe to my bi-monthly newsletter." I would hyperlink this text to a page with a form where they could subscribe to my bi-monthly newsletter.

Are you looking to find out more about GDPR? Let us know your questions in the 3SS University Group on Facebook, and don't forget to grab the GDPR Newsletter and Campaign from the 3SS Library to share with your current list today!