Tutorials

[EN] Information obligation in email marketing

Suggest Edits

This is how easy it is to fulfil your information obligation in the eworx Marketing Suite

According to the new General Data Protection Regulation (GDPR), the data controller must provide the data subject with certain information about the data processing. The information obligations are significantly higher than before. For you in connection with email marketing, this means that users must be informed about what happens to the data they enter when they register for your mailings.

A professional email marketing software provider, such as the eworx Marketing Suite, will of course provide you with the most important information about the processing of the respective data. You only need to provide this information to the data subjects in a precise, transparent, comprehensible and easily accessible form and in clear and simple language. The information can be provided in writing, electronically and, under certain circumstances, in another form.

In this white paper, we summarise how you can best fulfil your obligation to provide information and where you can obtain the relevant information about the processing of your subscriber data in the eworx Marketing Suite.

What do I have to do to fulfil my duty to inform in email marketing?

Inform your future newsletter subscribers about what happens to the information they enter when you collect their data. To fulfil your obligation, you can, for example, integrate a separate newsletter section into your privacy policy. The privacy policy provides an overview of the collection and processing of data by the respective controller.

A complete privacy policy in the area of email marketing should include information on the respective controller, the purpose of the collection of personal data and the legal basis for the processing. You must also address the rights of the data subjects and the corresponding processing of the data. Customers of the eworx Marketing Suite have it good, because we provide our users with a corresponding draft of the privacy policy directly in our software.

The standard texts can be found in the form editor - you can switch to any form or create a new form. In the ‘Usage’ tab, you will find the corresponding explanation for integration on your website.

In the eworx Marketing Suite, you will be provided with a standard text to use in your privacy policy. However, we would like to take this opportunity to point out that in this case we cannot address the specific circumstances of your company. For this reason, we expressly recommend that you have your data protection provisions reviewed by your legal advisor.

Which text can I use to fulfil the information obligation?

According to Art. 13 of the EU GDPR, the controller is obliged to provide information when collecting personal data from the data subject. In order to fulfil this information obligation, it is advisable to supplement your current data protection provisions. Make sure that your privacy policy is up to date and prepared for the new regulation - and not just in the area of email marketing.

For legally compliant email marketing, we provide you with standard texts for the privacy policy and for integration into your forms. However, it is advisable to have your privacy policy checked by a legal advisor to ensure that it is 100% suitable for your individual circumstances.

You can find the standard texts directly in the form editor of our email marketing software. In the ‘Usage’ tab of any form, you will receive the corresponding information that you can integrate into your website.

Does the information obligation or the EU GDPR also affect the forms on my website?

The information obligation and parts of the new regulation also affect the use of your forms. Legally valid consent to receive your mailings is currently only possible if the scope of this consent and therefore the processing of personal data is specifically described. In this case, your updated data protection provisions come into play. Integrate your data protection provisions or a link to your data protection provisions in each of your forms.

We also provide you with a standard text in this case. You can insert this below your forms - for example in a text field - and link to your privacy policy. You can find the standard text in any form in the ‘Usage’ tab.

What do I need to be aware of when using checkboxes?

It is important that consent is actively given. A checkbox for receiving a newsletter that is activated in advance must therefore be avoided. Consent to the processing of personal data must also be given voluntarily - in other words, you must not oblige customers to sign up to an email list at the same time as they are using another of your services (e.g. downloading a study). In this case, pre-selected checkboxes where the user must actively remove the tick are also inadmissible.

What does the principle of data minimisation mean?

When collecting data via a form on your website, please also observe the principle of data minimisation. As part of privacy by default, all default settings must be made in such a way that as little personal data as possible is processed. In addition, only the personal data that is required for the respective purpose may be processed. In the case of email marketing, for example, only the email address is enough to be able to send the requested information.
What's Next
Tell your users what they should do after they've finished this page.

Updated 2 days ago