By now, marketers should know that the General Data Protection Regulation (GDPR) went into effect on May 25, 2018. A common belief is that double opt-in methods for email marketing solves the regulation’s requirement for gaining consent to collect and/or process a person's (or, data subject’s) data—but it doesn’t. Why? Let’s break it down.
E-signatures have been an important part of many businesses' digital transformation. They’ve reduced paper waste and time spent printing and scanning contracts by replacing ink on paper with digital ink on PDFs. E-signatures should be easy; however, e-signatures on PDFs are just a stepping stone to a truly digital contract workflow transformation.
The General Data Protection Regulation (GDPR) has been enforceable for several weeks now. Leading up to its May 25 deadline, many marketers were (and still are) evaluating their consent capture and tracking methods, ensuring it was up to par with this new regulation. Where many fall short of compliance is by relying on double opt-in methods. Let us first state this: The information a double opt-in collects on its own is not enough to prove consent. When a user opts-in to your company’s newsletter by filling out a form, the link to complete the sign-up in the confirmation email does not provide the information needed to prove consent under the GDPR.
The present economy is trending towards being consumer-driven. That is, not only do your customers want instant access to your services anywhere at anytime (usually via a mobile device), they want it to be easy to use and self-service.
Not quite ready for the General Data Protection Regulation? You're certainly not alone! Thorough preparation for all aspects of the GDPR is the only way to truly ensure readiness. In the meantime, we’ve put together this GDPR Consent Management Survival Guide Infographic to help you get through May 25 and beyond.
The GDPR provides a “legitimate interest” exception to the use personal data. This exception allows companies to use personal data without obtaining consent from the data subject. Although this exception has gained traction lately, the idea of an organizations’ legitimate interest is processing personal data is not a new one. The exception first appeared in Article 7 of the Directive 95/46/EC, which the GDPR replaced. The exception is cited in Article 6 (f) which states:
The GDPR and the fact that it gives data subjects the right to be forgotten has become a hurdle for marketers. To make things a little more interesting, it is not an absolute right and there are circumstances where a request to be forgotten can be denied—it’s called legitimate interest.
Adore Me is a fast-paced women’s intimates startup, growing at a rapid rate that’s setting the benchmark for its industry. Adore Me has experienced exponential year-over-year growth since its inception, with revenues skyrocketing from $1M in 2012 to $84M in 2016. The company's customer base has grown to consist of over 11M women, predominantly urban millennials, and 80% of its traffic comes from mobile.
As the GDPR transforms from a distant vision to a fast approaching reality it is easy to get swamped in preparation and neglect some of the details of the GDPR. There is so much that the GDPR is that we find it necessary to point out what it is not.
We’re one month away from the GDPR (technically 5 weeks and 1 day), and businesses are are wrangling their teams together to get processes and compliance in place. In our latest webinar hosted by Kyle Robbins, JD, Legal Solutions & Privacy at PactSafe, we discuss what we know about May 25’s GDPR, as well as: