GDPR - anyone working in this area?
Discussion
Rollin said:
An exemption was debated in parliament yesterday...and rejected.
DELETED: Comment made by a member who's account has been deleted.I imagine there will be thousands of none compliant practices come May 25th. Many will be beyond caring too so you might not get the reaction you were expecting if you intend contacting some.
I'm down to 2 days per week actually treating patients because I have to deal with yet more stupidly drafted regulation like this.
desolate said:
Is there a clear definition of what constitutes a business?
We work mainly in insurance and there we have the situation where most businesses up to 1 million turnover are classed as a consumer.
You're classing them as a consumer, aren't you? Their legal definition is probably relevant here.We work mainly in insurance and there we have the situation where most businesses up to 1 million turnover are classed as a consumer.
Rollin said:
DELETED: Comment made by a member who's account has been deleted.http://www.opticalconfederation.org.uk/news/latest...
Hoofy said:
Today I got an interesting email about my GDPR confirmation.
The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
I was looking into this for a client yesterday. MailChimp's opinion is that you need a positive confirmation so the minimum you can do on the website is pre-fill the form and have a tick box for the contact type. I would tend to agree with this as the one-click confirmation would be hard to prove was definitely a conscious choice if one of your subscribers decided to be awkward.The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
You can hack it together yourself using the API if you disagree with that opinion.
loafer123 said:
A quick question for the experts.
Is it OK, in a GDPR consent email, to say that all registered subscribers will be entered into a prize draw?
Obviously I am trying to increase open and click rate...!
DELETED: Comment made by a member who's account has been deleted.Is it OK, in a GDPR consent email, to say that all registered subscribers will be entered into a prize draw?
Obviously I am trying to increase open and click rate...!
All opt outs have always been removed via Mailchimp unsub.
Of the remainder, many are compliant already and we are intending to email the remainder that need positive affirmation.
Sensible approach?
loafer123 said:
Shame! Why is that?
DELETED: Comment made by a member who's account has been deleted. A PM/chat on Monday would be great - it is my wife’s online retailer, so will consult with the boss...I am the teaboy, management accountant and webmaster a couple of days a month for her and do complex property for a day job!
m1dg3 said:
Hoofy said:
Today I got an interesting email about my GDPR confirmation.
The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
I was looking into this for a client yesterday. MailChimp's opinion is that you need a positive confirmation so the minimum you can do on the website is pre-fill the form and have a tick box for the contact type. I would tend to agree with this as the one-click confirmation would be hard to prove was definitely a conscious choice if one of your subscribers decided to be awkward.The email had a link. I clicked it, the web page confirmed that I had approved the business. Slicker than getting someone to re-input their details. Is there something like this available for mailchimp? (My data is on mailchimp.)
You can hack it together yourself using the API if you disagree with that opinion.
DELETED: Comment made by a member who's account has been deleted.
What would make a business need re-consent?I've received a few emails now from companies saying, "If you don't hit the unsubscribe button, we will continue to email you". Mailchimp suggest the opposite, that subscribers need to re-consent.
RM said:
What would make a business need re-consent?
I've received a few emails now from companies saying, "If you don't hit the unsubscribe button, we will continue to email you". Mailchimp suggest the opposite, that subscribers need to re-consent.
I think they've got it wrong. It's opt-in not opt-out.I've received a few emails now from companies saying, "If you don't hit the unsubscribe button, we will continue to email you". Mailchimp suggest the opposite, that subscribers need to re-consent.
I am on BMW's email list and I don't want to opt in, so am ignoring them. However they are bombarding me with "you haven't opted in yet" emails plus a letter in the post. I can only think their marketing department must be on a retention bonus! Many other requests to opt in are getting filtered straight into my junk/spam folder as well.
I have had a couple of funny ones, one claiming to be the most boring email ever and one saying they have had to send it to stay out of a Russian gulag.
I have had a couple of funny ones, one claiming to be the most boring email ever and one saying they have had to send it to stay out of a Russian gulag.
I don't think anyone actually knows! You can already see how much confusion this one aspect is already causing. My understanding is that If you are an existing customer/subscriber then "legitimate interest" should negate any need to opt-in for a second time - but who really knows for sure?
If you can show that the customer has given you permission for a specific purpose then you don't nee to re-ask them for permission for that purpose again. It's clear though that very few companies have been keeping records of how they've obtained people's personal data, which is why you're being bombarded with these opt-in emails.
And you definitely have to opt-in to things now, unless you can find a "different lawful basis": https://ico.org.uk/for-organisations/guide-to-the-...
And you definitely have to opt-in to things now, unless you can find a "different lawful basis": https://ico.org.uk/for-organisations/guide-to-the-...
Bikerjon said:
I don't think anyone actually knows! You can already see how much confusion this one aspect is already causing. My understanding is that If you are an existing customer/subscriber then "legitimate interest" should negate any need to opt-in for a second time - but who really knows for sure?
I'd have thought "legitimate interest" would be fine in the BMW example above. Surely BMW can quite reasonably say it's in their legitimate interest to send new car information to people who have previously crossed their path somehow.jammy-git said:
If you can show that the customer has given you permission for a specific purpose then you don't nee to re-ask them for permission for that purpose again. It's clear though that very few companies have been keeping records of how they've obtained people's personal data, which is why you're being bombarded with these opt-in emails.
The really stupid thing is that if they can't show consent was given in the first place then arguably the firms shouldn't be emailing them at all. The ICO has issued penalties for this under PECR - Honda got one.Gassing Station | Business | Top of Page | What's New | My Stuff