With GDPR finally enforced, marketers are now legally bound to handle, process and store personal data much more securely and transparently.
The regulations are putting consumers back in the driving seat by giving them control over their data, and the marketing communications they receive as a result of sharing that data.
Interestingly, GDPR has led to a cultural split in businesses. Marketo published a report revealing that GDPR has produced two ‘tribes’.
There’s the marketing-first group, in which senders have used the legislative changes around data to improve customer engagement, ensuring a level of efficiency in their marketing whilst they get closer to their customer.
On the other hand, there’s legal-first, which is the group of senders who have focused almost exclusively on the process and compliance aspects of GDPR, without considering the opportunity it presents.
For marketing-first senders GDPR provided an opportunity to refresh consent using a variety of engaging approaches, capturing consumer attention and imagination, while also achieving/maintaining compliance with the new requirements. Here are a few examples of brands who were highly successful in taking this approach.
Double opt-in and specific choice opt-in
There has been a lot of focus on the new consent requirements for GDPR, with the need for consent to be unbundled, granular, explicit, with named third parties, positive opt-in and easy to revoke cited as key tenets.
Furthermore, there is the additional obligation for data controllers to ‘keep evidence of consent – who, when, how, and what you told people’, as per the Information Commissioner’s Office’s (ICO) guide to the GDPR.
For this reason, many email programmes have moved to double opt-in, with the “click to activate” requirement providing the compulsory proof of consent. However, this action is often not completed, meaning that new subscribers can be lost easily.
An alternative approach that seems to be appearing more frequently is to require a positive action to opt-in or to opt-out, as with this example, below, from RSPB. The rationale here is that humans naturally want to take the path of least resistance and marketers have learned that when customers are presented with a choice where the default action is to do nothing, that is exactly what they will do!
However, requiring the selection of either the “Yes please” or “No thanks” option, and then using some nudge theory to advocate for the positive option (such as coupons/offers/information) increases the likelihood of marketers achieving positive opt-ins – as RSPB proves.
Also note the granular approach that RSPB now takes to obtaining consent – with separate options for them to say yes or no to being contacted by post, phone, email and text.
Looking at Return Path data we can compare RSPB subscribers from before this was enabled (click rate, benchmark=100), which shows that program performance has almost doubled (click rate, index=190) following the launch of the opt-in process.
RSPB users have unequivocally embraced this more responsible and conscientious approach to email marketing, and RSPB are benefitting from more engaged subscribers who are generating more traffic.
Teaching customers GDPR
Another way marketers have engaged with consumers is by presenting GDPR as a customer service benefit. By providing this compliance information in a clear and concise way, marketers have created interest in GDPR by presenting the new laws through a positive lens.
Lloyds Bank took this opportunity to educate its email subscribers, setting out the parameters and requirements of the GDPR in layman’s terms that were easy for the audience to understand.
What’s more, Lloyds also incorporated its GDPR email campaign with its wider digital marketing channel, including a plain-English FAQ landing page on its website for customers to learn more about GDPR.
Customers have clearly been appreciative – following this education programme, read rates of their notification emails, such as “new statement available”, have increased by a fifth while deleted-before-reading rates have halved, suggesting Lloyds has been highly successful in boosting customer trust and loyalty.
As previously mentioned, GDPR is also challenging data controllers to be clear and concise. There is an expectation to specify why the personal data is needed, using clear, plain language that is easy to understand. For this reason, several programmes are now presenting their privacy policies in a more visual form, even harnessing video formats to explain GDPR’s often highly legal, technical terms.
In this example from easyJet (and available in all major European languages), the information is presented in the form of a pre-flight safety briefing, and customers are reassured their data will only be shared for purposes of their safety, or to deliver a service purchased from easyJet or its partners.
Humorous yet comprehensible, EasyJet has taken an intangible and complex regulation and turned it into a compelling piece of creative that can be easily understood by all.
Humour and animation to convey GDPR
Most brands will use a specific tone of voice to communicate with customers, and in some cases, this will be light hearted or even tongue in cheek. Although GDPR is a serious topic, it doesn’t mean senders suddenly need to adopt a stoic tone – the messages can still be conveyed in a way their subscribers know – and even expect – of their brand, and this will have an impact on success.
In this great example from Missguided, subscribers were notified with a piece of language that is highly typical of this sender – “WTF is GDPR?”. As pictured, the email is tongue-in-cheek, engaging and informative, with a top five countdown of reasons to stay subscribed to Missguided’s email newsletter.
Harnessing incentives to remain compliant
GDPR is clear that consent must be freely given, and data controllers should avoid making consent a precondition of a service. However, this doesn’t rule out using incentives and the ICO’s GDPR consent guidance mentions the following:
“There will usually be some benefit to consenting to processing. For example, if joining the retailer’s loyalty scheme comes with access to money-off vouchers, there is clearly some incentive to consent to marketing. The fact that this benefit is unavailable to those who don’t sign up does not amount to a detriment for refusal. However, you must be careful not to cross the line and unfairly penalise those who refuse consent.”
Manchester United’s “Stay United” campaign offered subscribers the chance to win an all-expenses paid trip for two to see their team on tour in the United States. Another example of marketers harnessing incentives was seen with Brewdog. The craft beer company came up with the following stand out offer in exchange for new email sign-ups:
This promotion was spectacularly successful for Brewdog. Despite the stricter consent requirements, they have achieved quarter-on-quarter list growth of almost 10%, while simultaneously increasing read rates (up by a tenth) and reducing spam-filtering rates, which notably decreased by a third.
In an article from late 2017, David Reed correctly asserted, “GDPR is the perfect opportunity for businesses to rethink their approach to data and the enhanced customer relationships and experiences it allows.” These examples show he is entirely correct – brands using GDPR as an opportunity to innovate are clearly benefitting from stronger relationships with customers, who are now more engaged with their email programmes as a direct result.
Take a look at all Econsultancy’s GDPR resources, including a guide for marketers and online and face-to-face training courses.