I added the two boxes on the lead collection forms (see image below as an example) purely and simply to give you a choice about the data you collect - IF YOU WANT TO!

Those choices are not set in stone, and don't have to be applied, unless you have specifically said you will in your privacy policy.

Those tick boxes are there if you have stated in your privacy policy, that you will not send people content that they haven't specifically requested.

I've given you those options, only should you decide that you DO want to use them, but you're not obligated to.

If that sounds a bit confusing, you should read the more detailed article on turning GDPR principles into practice, at this link.

Many companies, certainly in the UK, have continued to send their email list, emails pertaining to their business activities, citing the basis of legitimate interest ie. if they signed up to something once, they are legitimately interested in the activities of that business.

It would be very hard, possibly impossible in fact, for the Information Commissioner's Office (ICO) who regulate GDPR, to argue against legitimate interest if someone signs up to receive information from you, if on balance most of the emails you send your customers are of a similar kind and you give them a way to unsubscribe from further information (unless they specifically request it by signing up to another form).

In other words, if they signed up to some educational resources, it would be perfectly legitimate for you to continue sending these resources (even if they didn't tick the box above to specifically request them) on the basis that they've shown legitimate interest in that kind of content before.

What you MUST do however, is give them an unsubscribe option on those additional unsolicited emails. And respect that unsubscribe choice by not sending future emails of any kind, regardless of whether they are nurture (value-added) emails or sales ones.

I added those tick boxes to cover you, if you have specifically stated in your privacy policy, that you won't send any information that hasn't specifically been requested. Personally, I don't feel that's a necessary decision, but if you've chosen to go down that route, those boxes are there purely to allow you to be able to filter if you deem it necessary.

The most important thing is that you comply with the 7 principles of GDPR which you can learn more about at the following link.

When we send your data over to Mailchimp, we include these as groups or tags (I can't remember which) so that you have the choice of using those choices in future email newsletters, if you choose to, but you are not obligated to, and the general view taken by most businesses, is that if you do take that path, it is an excessively extreme application of GDPR.

At the end of the day, GDPR is there to help us protect the use of our own data. It's not there to stop you talking to your prospects and customers, it's there to make sure you don't abuse that data by putting it at risk of being stolen, used or abused for reasons outside its collection. And that's the important take-home message.

More Resources

Did this answer your question?