Important caveat: This is not legal advice. Please consult with a legal expert before implementing any of this.
Someone recently quipped that the only way to be 100% compliant with GDPR is to shut down your business. Indeed, the entire area is fraught with uncertainty and many experts disagree about details and nuances of GDPR, especially given that a complementary legal framework, the E-Privacy Directive, is only expected to be published in early 2019.
Therefore, how you handle different aspects of GDPR implementation is largely a reflection of your own risk appetite and how far away from the worst case scenario of 100% compliance you are willing to stray.
The below is our own opinion based on consultation with experts about how we at Loyalty Bay would approach the topic of incentivising consent. It is not a recommendation.
B2C companies are about to lose access to big parts of their customer and prospect database. GDPR, coming into force on 25 May 2018, requires companies to stop emailing those who have not expressly opted in.
But there are ways to retain many contacts in your database: By giving them an incentive to opt back in. Here’s how we would do it.
Over the last few weeks, you probably also received a barrage of emails from companies who you haven’t heard from in ages, and who are trying to get you to opt into receiving their marketing emails.
I’m going to go out on a limb here and bet you haven’t reacted to any of them. Because why would you volunteer to receive a bank’s or a utility company’s newsletter? What’s in it for you?
Unfortunately, the tables are turned when it comes to your own audience. 99% of your database will be happy to stop hearing from you. That could amount to a massive loss for your business: Let’s say your average lead acquisition cost was £10 and your database has 100,000 leads — that is a loss of £1m, not to mention the ongoing opportunity cost of not being able to market to that user base.
Some losses are unavoidable, and most companies will not be able to retain most of their B2C audience.
But you can maximise your response rate by using incentives and small tokens of appreciation. A great example we recently saw was this:
This sounds great, but are there any restrictions around this? Can you just do this with your entire database? Can you use anything as an incentive?
What is the ICO’s stand on obtaining consent through incentives?
At the core of GDPR is consent. It has to be freely given, specific, informed and unambiguous. You can read the ICO elaborating on these four elements here, we’ll just point out one important passage where the ICO talks about incentives:
The ICO’s view is that it may still be possible to incentivise consent to some extent. There will usually be some benefit to consenting to processing. For example, if joining the retailer’s loyalty scheme comes with access to money-off vouchers, there is clearly some incentive to consent to marketing. The fact that this benefit is unavailable to those who don’t sign up does not amount to a detriment for refusal. However, you must be careful not to cross the line and unfairly penalise those who refuse consent.
So ensure that your incentive to receive marketing emails
- Is not coercive;
- Does not lead the customer to assume that opting in is a requirement to do business with you; and
- Does not unfairly penalise those who have not given consent (e.g. by restricting their access to certain products they used to buy from you in the past).
If the above requirements are being met, we at Loyalty Bay are happy to send incentives to our user base.
Don’t forget to ensure that the user is able to withdraw their consent at any time in the future. It’s best to emphasise this prominently to the customer when you ask for their opt-in.
Finally, provide generous opportunities for users to redeem their incentive. If the burger restaurant in the example above were to allow redemption only in a narrow time window (and mentioned this fact in the fine print only), that might still be in line with the letter of the law, but hardly a recipe for loyal happy customers.
What are the timelines?
25 May 2018 is the day when all businesses need to be compliant. Reduce the risk of penalties by obtaining consent before that day.
Now that we know that we’re ok to go ahead and know our timeline, let’s discuss how we can optimise the incentive process to keep our database opted in.
1. Determine if you’re talking to a B2B or B2C audience
If your audience is B2B, you are in a better position than your B2C colleagues. That’s because the European Commission has made somewhat of a U-turn and carved out exceptions around communication to businesses, provided there is a legitimate interest to contact them. Generally, in a business context, it is assumed that e.g. an HR person is by default interested in an HR SaaS tool, so the HR tool SaaS salesperson has a legitimate interest in contacting them.
However, confusion remains around the following questions:
- Can you only email generic addresses such as firstname.lastname@example.org or are also personal email addresses such as email@example.com exempt under the legitimate interest provision?
- What if someone uses their personal email address to communicate with you (firstname.lastname@example.org) although all your communication is of a B2B nature?
Here, as we mentioned before, it will be up to your level of risk appetite how you want to proceed. Again, there are no unambiguous answers to these questions.
For example, we at Loyalty Bay will be assuming legitimate interest with everyone with a corporate email address and only request (incentivised) consent from personal email addresses.
If your audience is B2C, you will have to obtain consent from them like we do with our customers using personal email addresses — one by one.
2. Analyse and prune your database (optional)
Now the question is — should you try to incentivise your entire database to consent or just a subset of those who you think have the highest likelihood to later become a customer?
You may want to prevent some people in your database from using the incentive if you believe that they have no intention of ever doing business with you (let’s call them reward hunters).
If you can identify reward hunters on your list, remove them — but remove them for good. If you irretrievably delete a group of subscribers (and hold convincing evidence in writing for having done so, e.g. screenshots of the deletion process with key parts of the email addresses blurred out so that they cannot be reconstructed), then you should be well within the range of the law.
Again: we are not lawyers, so don’t take this as legal advice, but we ourselves would be comfortable taking this step.
Beware though — just because someone has never opened an email from you, it doesn’t mean that they’re unlikely to become your customer. To the contrary, an incentive could be a great way of bringing your brand back into their circle of consideration.
There is also no reason to assume that we shouldn’t be able to offer different incentives to different types of people. For example, if customer A has spent 10 times more with us in the past than customer B, obviously A is more valuable, and we are happy to give them a more valuable incentive. The key is to be able to define the difference between the segments and to document our process. Then, within each segment, treat everyone the same.
3. Calculate how much you can spend
This should be fairly straightforward, as long as you have the relevant data.
When you look at your database over the last, say, 12 months, and have a reliable attribution model, you should be able to make a calculation like this:
- We had 100,000 non-customer subscribers 12 months ago. 2,000 of them became customers in these past 12 months as a direct result of email marketing. Each of these 2,000 has a lifetime value of £200.
- So a database of 100,000 people has a value of £400,000 which means that one email address is worth £4 to us.
You can do the same maths with your existing customers and how much you were able to upsell them through email marketing.
If you don’t have this kind of conversion data handy, simply consider how much you are paying these days to acquire email addresses and break it down on a unit level.
4. Be creative
You won’t be the first company offering an incentive to stay opted in, so try to find a fun and uncommon angle.
Here are a few examples:
A prize draw — probably one of the overall cheapest ways to obtain consent
A special VIP content and discount package created for those who opt in:
5. Get in touch with Loyalty Bay
Often, the choice that customers have can make the difference. We have partnered with over 150 different digital gift card providers worldwide and can offer pretty much any incentive and denomination you can think of. We take full care of fulfillment and everything is tracked and shown in your analytics dashboards.