The General Data Protection Regulation took effect on May 25, 2018. Here’s what you need to know.
Disclaimer: The contents of this web page do not constitute legal advice. This page is for informational purposes only, and we strongly encourage you to seek independent legal counsel to understand how your organization needs to comply with the GDPR.
Get ready to collect GDPR-friendly consent
GDPR must be both informed and explicit. We created a guide to GDPR-friendly consent to help you understand the requirements and prepare accordingly. Learn more about explicit consent, and find suggestions for using ActiveCampaign to collect consent from new contacts, ask existing contacts to re-consent, and record and track proof of consent.
Learn how to set up opt-in confirmation
Enabling double opt-in is a best practice that may help you comply with the affirmative consent requirements of the GDPR. When double opt-in is enabled, contacts will need to confirm their email address before receiving further communications.
You can learn how to enable double opt-in in this help center document.
Familiarize yourself with how to edit and delete contacts
Under the GDPR, contacts have the right to request correction or deletion of their data. Familiarizing yourself with how to edit and delete contact information may help you comply with such requests once the GDPR takes effect.
Familiarize yourself with how to export contact data
The right to data portability and right of access enable contacts to request their personal data. Exporting contact data can help you comply with these requests.
You can learn how to export contact data in this help center document.
Learn how to add personal data usage statements to your opt-in forms
The GDPR requires that you tell people how you will be using their personal data when you collect it. This is part of the new affirmative consent requirements.
Although the exact statements you need to include depend on how you use the data, you can include any statements you like by using an HTML block in your ActiveCampaign forms.
Additionally, you can use custom fields to add an additional check box that indicates explicit consent. Learn how to add custom fields in this help center document.
Obtain proof of consent from existing contacts
The GDPR requires you to be able to demonstrate proof of explicit, affirmative consent from data subjects. Significantly, the regulation also applies to contacts from whom you have already collected personal data.
If you are not currently able to demonstrate proof of affirmative consent for your contacts, you may need to reach out to existing contacts to obtain consent before the GDPR takes effect.
Delete contacts and lists you no longer need
The GDPR is intended to protect the privacy of data subjects, which includes minimizing the risk that data can be misused. It may make sense to delete unsubscribed contacts and lists you no longer use, to reduce risk.
Consult a legal professional
The contents of this page are informational, and do not constitute legal advice. To fully understand the effects of the GDPR on your organization, we strongly recommend you seek counsel from a qualified legal professional.