Lately many of the author groups I belong to have been buzzing with questions about the General Data Protection Regulation (usually called GDPR because it’s a mouthful). I’m used to seeing marketing questions bubble up in these groups, but most of our talk about data and content ownership focuses on copyright. GDPR focuses on your readers’ rights to own their data, and many people aren’t really familiar with was this means and how it might impact authors and bloggers email newsletter lists. I’m here to help.

I’ll cover how GDPR impacts your email subscriber list, what you may need to do, what you don’t need to do, and generally explain why you do not need to freak out (but you shouldn’t ignore it).

But first, who am I to be dispensing this advice? In addition to writing awesome contemporary fantasy, I am a c-suite marketing executive with 15+ years experience in ecommerce and digital marketing. I’m a frequent speaker and advocate for the use of artificial intelligence and machine learning to advance marketing, and generally care a whole lot about good data and transparency in its use. I am not, however, a lawyer. So, this advice is practical, but isn’t meant as legal advice.

What is GDPR?

The General Data Protection Regulation (GDPR) is an EU rule for the European Economic Area (EEA) that will go into effect on May 25, 2018. This regulation’s goal is to give people ownership of their data, increasing understanding of what information customers are giving to businesses and how its used, and providing them the option to request it be updated and/or deleted. While it’s a European law, those outside the EU need to be compliant with data they acquired from customers who live within the EEA. Thus the whole hubbub in the U.S. right now, and why you’re getting acquainted with the rules.

When it comes to email lists and compliance with GDPR it’s all about repermissioning. Basically, the people on your list need to know what they signed up for, how you might use their information, and be given the option to have you delete it at their request. This means asking them to confirm they’re cool with all that again now that you’re following the GDPR rules. Let’s break it down.

GDPR for Email – The Basics

Opt-in Checkboxes – The tiny checkbox next to a contest entry or email sign up that says “I want in!” needs to be unchecked by default. You need to let the reader click it, and make it clear what they are consenting to. This is especially important when people are entering for contests or a signup for multiple author lists. The language needs to be plain that checking the box will sign them up for emails.

How Will You Use Their Info? – Tell your readers if you will be using more information than their email, for example “emails may be tailored by your location data if I have a book signing nearby.” If you don’t segment your list at all or use any data other than their email address, you don’t have to worry about this.

Repermissioning – Anyone who joined your email list before you had a double opt-in (where you get the email with a link to confirm you meant to sign up) or before the aforementioned “unmarked” checkbox, give them a heads up how you’ll use their email and ask them to confirm they still want to hear from you.

Caveats and Exceptions!

You might already be compliant – You don’t need to repermission subscribers who signed up under the transparent, GDPR-compliant policies. So if they marked the checkbox or confirmed by clicking a link in a subscription confirmation email (double opt-in), you don’t have to get the OK again.

Are they in the U.S.? – GDPR only applies to your European subscribers who reside in the EEA. Though, from a marketing standpoint transparency is awesome and why would you want people on your list that don’t want your emails? This means you can only do the repermissioning with those you think live in Europe. Your email vendor (e.g. MailChimp) should be able to help with this.

Are you already sending an email this month? – You don’t have to make a separate email to handle the repermissioning. If you’re already sending a newsletter to your readers this month, add a “Do you still want to hear from me?” block at the top of the email that lets the reader click to continue receiving emails from you under the new format. I like the example below from the North Face.

The North Face Repermissioning Email (Photo: Emarsys, click for their great supplemental guide on GDPR)

The North Face Repermissioning Email (Photo: Emarsys, click for their great supplemental guide on GDPR)


If you already use double opt-in for your email list, you’re cool. If you don’t, and you have readers on your email list who live in Europe, get their permission again to stay on the list (or the chance to opt out). This isn’t going to be a bad thing. Your email list gives the choicest info, teasers and giveaways to readers (at least mine does. You should join with all the consent!), and you only want to give those super special tidbits to your loyal crew. If someone doesn’t want your email, spamming them isn’t going to increase books sold or pageviews. Trust me.

Need more help?

Well, I do some consulting, but since you’re cool: hit the comments! If you have questions about this or other marketing questions, leave them below or email me and I may feature them in a future Author Marketing Help Desk post.

Malcare WordPress Security