An idiot’s guide to GDPR

An idiot’s guide to GDPR

You may have heard of this group of letters floating around, being linked to email and think that it might impact your job/company one day soon but don’t want to do the research and have to sit and actually absorb words like ‘legislation’… PAH. Here’s an easy and concise guide to see if you have to do anything about GDPR before the impending day of chaos –> 25th May 2018.


“Alex! Is it G.D.R.P or P.D.P.R?”

What is GDPR?
Simply put… a new privacy law which will mean brands having a stricter opt-in process to be able to collect data for EU citizens, no matter where you or your organisations are based. It also means having to bring any existing data up to date. It will replace the EU privacy directive.

Who will it effect?
Anyone collecting information on and sending communications to people in the EU.

What do I REALLY need to know??

Consent must be “freely given, specific, informed and unambiguous”

1. Consent can’t be a pre-ticked box any more. It has to include some sort of activity where the user is specifically agreeing to ‘receive offers’ for example.
2. There must be ‘adequate’ information given to the user about the brand and how their data will be used.
3. Collecting consent also means storing it for each user you mail to. If you are asked about compliance, you need to be able to prove you have it.

What are other companies doing about it?
Most seem to be looking in to running campaigns to confirm consent and make them aware of the changes.

What happens if I don’t comply?
You get punched in the face… by something called THE LAW. Or you might not, who knows?


Did that clear it up a little?



Further resources:

By Millie Bartlett

Millie Bartlett is the Marketing Strategist at Action Rocket, an email creative studio based in London. Find her on Twitter at @Amelia__Jane