MailChimp: Collect Consent with GDPR Forms

This article is from the MailChimp website and can be accessed here.

If your business is based in the European Union (EU), or you process the personal data of EU citizens, the General Data Protection Regulation (GDPR) affects you.

The GDPR says you must obtain freely given, specific, informed, and unambiguous consent from your contacts. You also must clearly explain how you plan to use their personal data. So we’ve updated MailChimp signup forms to help you stay compliant with this law. Our optional, GDPR-friendly forms include checkboxes for opt-in consent and editable sections that explain how and why you are using data.

In this article, you’ll learn how signup forms can help you comply with the GDPR.

Before You Start

Here are some things to know before you begin this process.

  • First of all, it’s important to know that simply enabling GDPR fields on your signup forms does not make you compliant. It’s the first step of the process. To collect consent from new and existing contacts, you’ll set up your forms, create a segment, and send a consent campaign.
  • GDPR forms are not compatible with embedded forms or MailChimp Subscribe.
  • GDPR forms are only compatible with certain styles of pop-up forms.
  • MailChimp offers tools and information as a resource, but we don’t offer legal advice. We recommend you contact your legal counsel to find out how the GDPR affects you.
  • Plus, if you’re located in the EU or use MailChimp to market to anyone in the EU, review Section 20 of our Terms of Use and Section 16 of our Privacy Policy. These sections include important information about how MailChimp treats EU data, and what you should do if you’re keeping EU data in your MailChimp account.

Collect Consent with GDPR Forms | MailChimp

How It Works

Just enabling GDPR fields on your signup forms will not make you compliant. It’s the first part of a multi-step process. Here’s how it works.

Set up your GDPR-friendly signup form

  • Enable GDPR fields
    Turn on GDPR fields for the signup forms for each list affected by the GDPR.
  • Edit GDPR fields
    MailChimp provides suggested language for GDPR fields to make it easier for you to create your GDPR-friendly forms. You might need to edit this language to fit your marketing plan, so be sure to review it carefully. If you choose to write your own descriptions, make sure you’re explicit about why you’re collecting data.

Segment your list by marketing permissions

Segment your list based on the marketing permissions you receive from your signup form. You don’t have to wait to collect your data to create segments. After you create and save your segments, you’ll be able to access them anytime. Give your segments descriptive names so you can find them easily

Collect consent

  • From new contacts 
    After you save your changes in the form builder, that signup form will include GDPR fields on compatible published forms. New contacts that use your signup form will be able to give explicit consent to your marketing.
  • From existing contacts 
    You’ll also need to collect GDPR-friendly consent from the contacts you already have. Send an email to everyone on your list that includes a link to update their settings.

Send your campaigns

After you save your segment, use it to send your email or ad campaign only to the people who have given consent through your signup form.

GDPR Fields

GDPR form fields include checkboxes that your contacts will use to opt-in to your marketing, and space for you to add necessary information. MailChimp provides suggested language that you can edit to fit your marketing plan. Make sure each section accurately describes your marketing activities.

This table explains what you need to include in each field.

 

Description This field describes why you are collecting the information on your form, such as providing marketing and product updates.
Options This field uses checkboxes to get consent for each marketing activity you conduct. MailChimp will provide a few common marketing activities to choose from, and you can add your own. Remember that each marketing activity must be clearly communicated and requires separate consent.
Legal Text This field explains how you’ll use contacts’ data. Statements you make in this section must be consistent with your practices, so be sure to edit this field to meet the needs of your business. Include your contact details on the signup form – the GDPR requires the organization collecting the personal data (that’s you) to identify themselves. Let your customers know they can change their mind at any time with the Unsubscribe link.

If you plan to use data you collect from your contacts to advertise online, clearly explain your advertising activities and make sure your Cookie Statement describes any cookies or tracking technologies you might use. If you’re not sure, MailChimp’s Cookie Statement includes a section called Cookies served through the Services that describes technology you (or your website) might use, depending on the features you use through MailChimp.

Privacy Policy and Terms This non-editable field lets your contacts know that you’ll be storing their info in your MailChimp account, so there’s no need for you to describe this storage activity in the legal text field of your form. A link to MailChimp’s Privacy Policy and Terms is included.

Advertising activities

If you plan to use data you collect from your contacts to advertise online, clearly explain your advertising activities and make sure your Cookie Statement describes any cookies or tracking technologies you might use. If you’re not sure, MailChimp’s Cookie Statement includes a section called Cookies served through the Services that describes technology you (or your website) might use, depending on the features you use through MailChimp.

Privacy Policy and Terms: This non-editable field lets your contacts know that you’ll be storing their info in your MailChimp account, so there’s no need for you to describe this storage activity in the legal text field of your form. A link to MailChimp’s Privacy Policy and Terms is included.

Which forms are compatible with GDPR fields?

After you enable GDPR form fields for your list, these fields will be included on the hosted signup forms for your list, update profile forms, and signup landing pages.

The fields will also be included on pop-up forms that use the Modal design format, and either None or Top image alignment.

 

 

GDPR fields are not compatible with embedded forms, form integrations, or MailChimp Subscribe.

Set Up Your GDPR-Friendly Signup Form

To use GDPR fields on your signup forms, enable them for each list that collects or contains personal data from EU citizens, then edit them to reflect your marketing practices.

Enable GDPR Fields

After you enable GDPR fields for a list, they will be available to view and edit in the form builder. These fields will be included on most signup forms associated with that list, including pop-up forms, the hosted signup form, and signup landing pages.

  1. Navigate to the Lists page.
  2. Click the drop-down menu next to the list you want to work with.
  3. and choose Settings.
  4. Click List name & defaults.
  5. Check the box next to Enable GDPR fields.
  6. Click Save List And Campaign Defaults

You’re all set. GDPR fields will appear in the form builder for you to view and manage. On the Lists page, you’ll see a GDPR icon next to the name of the list.

 

Edit GDPR Fields

GDPR fields are only editable from the form builder. The changes you make in the form builder will apply to most MailChimp signup forms, including compatible pop-up forms and landing pages.

  1. Navigate to the Lists page.
  2. Click the drop-down menu next to the list you want to work with and choose Signup forms.
  3. Click Select next to Form builder.
  4. In the Build It section, click Field Settings.
  5. Edit your GDPR fields. When you’re done, click Save Fields.If you’d like to require your contacts to choose an option before they subscribe, check the box next to Require at least one option.
  6. When you’re done, click Save Fields.

After your forms are in use, be careful about any further edits you make. If you change a checkbox option, the consent you received before making the change will no longer be valid and you’ll need to reconfirm opt-in. If you want to change your form, we suggest that you add a new checkbox or remove an old one.

Segment Your List By Marketing Permissions

After you’ve set up your marketing permission checkboxes, segment your list to make sure you send your campaign only to the people who have given consent through your signup form.

To create and save a segment in your list, follow these steps.

  1. Firstly, navigate to the Lists page.
  2. Then click the name of the list you want to work with. Your GDPR lists will have a badge next to the list name.
  3. Find Create A Segment and click it.
  4. After that, you’ll find in the first drop-down Marketing Permissions.
  5. Then create a separate segment for each marketing permission. You can add up to five conditions to create a segment that includes contacts who have opted-in to more than one marketing permission.
  6. When you’re satisfied with your conditions, click Preview Segment to view the contacts that match your conditions.
  7. Click Save as segment.
  8. In the Save Segment pop-up modal, type in a name for your segment, and click Save. Make sure the Auto-Update box is checked. This will update your segment each time new contacts join.

To learn more about managing segments, check out Save and Manage Segments.

 

If you’re interested in finding out how you can make your website GDPR compliant, download our FREE infographic here. Or get in touch at info@jerram.co.uk to have a chat about your website needs.

Spread the love
Author: Marie Roberts

8
Leave a Reply

avatar
4 Comment threads
4 Thread replies
0 Followers
 
Most reacted comment
Hottest comment thread
5 Comment authors
Marie BoultonHoward MatthewsUnknownJames NuttCraig Recent comment authors
  Subscribe  
newest oldest
Notify of
Craig
Guest
Craig

i don’t have a “marketing permissions” field to segment a list, there is just no option for it. Any ideas why?

James Nutt
Guest
James Nutt

Hi,

The ‘update setting’ link on the re consent form sends me to a form saying Come, Watson, come! The game is afoot.
You’ve stumbled upon a missing page, but the evidence is elementary. We’re on the case.

Is this a fault with Magento or am I doing something wrong?

James

Unknown
Guest
Unknown

This is my first time on here and I am really impressed to
read everything in one place.

Howard Matthews
Guest
Howard Matthews

Current puzzle – on the day, is how to check that consent has been given, other than to go through every contact profile? My whole list shows as “subscribed” but going into profiles shows some GDPR consent by email and some blank – I have to assume that the blanks have not consented. Is there a report I can run showing consent, rather than just “subscribed” which doesn’t seem to be the same thing??

Latest articles...

Why You Need Website Support & Maintenance

Why Your Website Needs Support and Maintenance A lot of people assume that once their website is up and running,…

Read article

Approaching The Board About A New Website

Are there moments in your day when you need to send your website link to a customer and you just…

Read article

The First Newsletter of 2019!

Christmas trees are (hopefully) down, wrapping paper recycled, unwanted gifts from mothers-in-law are hidden around the house and there are…

Read article

Tel: +44 (0)845 003 7246
ideas@jerram.co.uk

Jerram Marketing Limited
200 Brook Drive, Green Park
Reading. RG2 6UB
United Kingdom

Are you sure?

By disagreeing you will no longer have access to our site and will be logged out.

Privacy Preference Center

Strictly Necessary

Cookies that are necessary for the site to function properly.

DYNSRV

Performance

These are used to track user interaction and detect potential problems. These help us improve our services by providing analytical data on how users use this site.

_ga, _gat, _gid

Close your account?

Your account will be closed and all data will be permanently deleted and cannot be recovered. Are you sure?