Simply knowing that a contact is subscribed isn’t going to be good enough in the post-GDPR world; consent will need to be specific.
If you are already using a signup form that contains an opt-in checkbox with, “Yes, sign me up”, then that’s going to cease being the gold standard on May 25. In preparation for the GDPR, you should consider coming up with something more specific that informs the contact what those emails are going to contain, and how often you’ll be sending them.
Smoothing out the cracks in the opt-in text is crucial. You need to be specific but equally as important is being able to demonstrate you have that specific consent.
Fear not, we’ve taken the pain out of the process. You can now store – for free – the exact consent text a contact agreed to. We went one step further and made sure to include all of the geeky information such as the IP address they were on at the time, information about the browser they were using, and when they did it. And if their consent changes, we’ll keep the history too. You’re welcome!
You can request and store consent wherever you can add a contact (with the exception of adding individual contacts in the app).
The easiest way will be by creating a signup form. You can add consent text to your signup form, allowing you to describe the content you'll be sending to the contacts that sign up and the frequency with which you'll be sending it. When doing this, also try to include a brief summary of how you'll use their data. To create a signup form, select Contacts from the navigation menu and then select 'Sign up' forms from the drop-down displayed.
If you prefer creating signup forms with our surveys and forms tool, then you can use the new ‘Consent’ building block’. To create a form using our surveys and forms tool, click on the icon in the side navigation bar.
When consent is given by a contact, this information will then be stored alongside them as ConsentInsight and is useful for demonstrating consent under the EU's GDPR. It's also useful if you wish to be CASL compliant.
The following consent data will be stored:
- Consent text
- The date and time of consent (in UTC)
- The form's URL
- The IP address of the signup
- The full user agent
- The date and time the record was created (in UTC)
You can tick a box to only allow signups when consent is given.
If you’ve obtained consent by some other means, you can upload a ConsentInsight record by importing contacts via an Excel or CSV file, you need to map your columns names to the following consent fields:
Once you’ve imported a ConsentInsight record for a contact, you can easily view that record by going to the ‘Manage contact’ page and clicking on the ‘Insight Data’ tab.
Please note: For every ConsentInsight record, a DateTimeCreated field is automatically created and given the value of the date and time, in UTC+00:00, that the ConsentInsight record was created.
You can store up to five ConsentInsight records per contact, both in the app and in the ConsentInsight.json file when you export a contact.
If you’re thinking about retrospectively gaining and storing consent for your current subscribers, take a look at our two GDPR-themed program templates under Automation; you just need to fill in the blanks.