Perhaps one of the biggest changes to be brought about through GDPR is the way in which it elevates the requirements on organisations for handling consent. This significant change comes in the form of the new double opt-in policy, which will mean your organisation’s consent mechanisms are going to need to change.
The current common business practice for email communications is assumed consent, this means that companies will assume you’re willing to receive their emails until you state otherwise. This opt-out feature is usually provided in the form of an unsubscribe box attached to an email sent from the company.
However, GDPR is set to change all this, including what the definition of consent is within business communications. GDPR’s latest definition of consent is:
“Any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her”.
In plain English: you have to double check you have a customer’s permission to contact you.
The key aspects of this definition which are likely to affect your organisation’s existing consent mechanisms are the references to “unambiguous indication” and the requirement for “clear affirmative action”. Additionally, GDPR requires consent requests are clear and prominent and it requires that records of consent are kept. To help your organisation meet these crucial obligations of the GDPR, City Dynamics recommends a double opt-in process to handle consent for e-mail communication and marketing.
What is Double Opt-In?
Double-opt in essentially requires those opting into marketing and communication via your organisation’s website, to validate their instruction via an email. Whilst this approach will add an additional step to the opt-in process, incentives such as an asset download may help ensure click-through rates remain consistent after implementation of the double opt-in consent process.
How can Double Opt-In be Implemented?
In order to demonstrate how this is done, we’ve chosen to use the CRM service, Click Dimensions. Click Dimensions is City Dynamics’ preferred marketing solution for Dynamics 365. In the example below, we provide an overview of how ClickDimensions for Dynamics 365 can be used to implement a double opt-in process.
Let’s start by considering the various stages we will need to create this functionality within Dynamics 365:
The opt-in website form – This is the web form a user will use to enter personal details when beginning the double opt-in consent process. Consider the fields to be placed on the form and how the form will look.
The double opt-in e-mail confirmation request – This is the email received by the consenting individual requesting they confirm opting-in. Consider how you request confirmation.
The double opt-in landing page – This is the web page the consenting individual will be taken to once the double opt-in consent process is completed. Consider how to display this message.
If you’re looking for more information on GDPR, or want to know how to improve other areas of your business practice to ensure they remain GDPR compliant, visit our website’s blog page where you can find our latest content on GDPR.