MailChimp and GDPR: How to run a re-permission campaign

The General Data Protection Regulations not only apply to new EU subscribers who opt into an email list, they also apply to EU subscribers who are already present on your list(s). 

What do you need to do to ensure your current subscribers, who opted into your List(s) prior to 25 May, have done so in a way that complies with the Regulations? 

Watch my quick video and read the transcript below to find out -

  1. When you need to run a re-permission email campaign using MailChimp

  2. My three top tips to help you decide when to send out a re-permission email campaign, and

  3. How to create and send a re-permission email using MailChimp's Subscriber Alert template.




In my last tutorial I showed you how to set up a GDPR-compliant sign-up form for all future subscribers opting into your Lists.  

Today I'm going to show you - 

  1. When you need to send out a re-permission email

  2. My three key considerations that will help you decide, and

  3. How to create and send out a GPDR compliant re-permission email using MailChimp.

I'll be sharing with you some expert examples of what a really good re-permission email looks like.  Plus, a special bonus, you'll be able to download my exclusive GDPR Email Marketing checklist.  



We've got a bit to cover so let's dive in.  

Step #1: When to send a GDPR Re-permission Email

According to the GDPR you don't need to send out a re-permission email to subscribers,

...if the manner in which consent has been given is in line with the conditions of this Regulation.

I don't know about you but that leaves me with a few questions.  So to help you decide whether consent has been given in line with GPDR I've come up with my three key considerations, as follows - 

#1 - Positive Opt-in

Do you have a record of positive opt-ins from all your subscribers?

This means a subscriber has taken positive action to confirm they'd like to receive your emails by clicking on a Subscribe button and confirming their instructions by way of a double opt-in.  Or they may have simply put a tick or a check in a box to confirm their wishes.  

Your Email Service Provider will have a clear record of exactly how and when a subscriber opted into your List.  This is how a positive opt-in record looks in MailChimp (below)


If you don't have a record like this then you need to send a re-permission email.  

If you've ever manually subscribed someone to an email List in MailChimp, for example, there will be an "Admin Add" in the 'Source' column of your subscriber records (below)

Up until now that has been absolutely fine but the GDPR will not consider this to be positive consent and you will need to run a re-permission email campaign to those subscribers.

If any of your email opt-in forms have included pre-ticked boxes you will also need to run a re-permission email campaign since this doesn't comply with the Regulations.  

I've included this image from Auto Trader's re-permission email campaign since it's a perfect example of how to ask subscribers to update their preferences in readiness for GDPR in a light-hearted way.  (Those of you who belong to my own email lists may recognise the design!)



#2 - Separate Consent for Separate Things

In my last tutorial I explained that if you were going to be sending distinctly different types of email marketing campaigns you need to allow your subscribers to choose exactly what sorts of campaigns they'd like to receive from you.  I showed you how to add 'granular' options (below) to your sign-up forms to enable your subscribers to choose.  

This particular sign-up form from Selfridges is a perfect example of how to collect 'granular consent' from subscribers.  


In the same way as you ask new subscribers to select their email preferences via a sign-up form, you need to give current subscribers the same choices.  To do this you'll want to send them a re-permission email, asking them to update their preferences. 

#3. If in doubt, send it out!  

If you're in any doubt whatsoever about when and how a subscriber opted in to your List then send them a re-permission email campaign.

If you're concerned about irritating your subscribers with too many emails then just incorporate the pertinent paragraphs from the re-permission email into a campaign that you were going to send them in any event.  

So now that we've covered all of that, let's take a look at the actual template that MailChimp have provided.  


Step #2 - How to Create and Send a Re-permission Email in MailChimp

To find the appropriate template you need to click on the "Create Template" button, go to the "Theme" tab and click on the dropdown menu. You'll see right at the bottom there are two "Subscriber Alert" templates; click on this and select the "GDPR Subscriber Alert" template.  

Like all MailChimp templates you can fully customise this one to add your own brand colours, style and personality by clicking on the Design tab.  You can upload your business logo at the top.

You're free to use MailChimp's suggested body text or you can add your own paragraphs; it is entirely up to you.  

Similarly the button text on your CTA is also customisable.  On the right hand side of your screen you'll see that in the "Web address (URL)" box there is a field code *|UPDATE_PROFILE|*.  Do NOT change this since, once a subscriber clicks on the CTA button, they'll be directed to the "Update profile form" on the MailChimp Form Builder.  


Again this form is fully customisable; you can edit it by adding your own body text or upload an image if you prefer.  

So that it is absolutely crystal clear to your subscribers what they need to do you might want to include a short paragraph of instructions asking them to -

  • select which type of email they'd like to receive from you

  • put a tick in the appropriate box, and

  • click on the 'Update Profile' button to save their preferences.

You might also want to include a link to your Privacy Policy, Cookie Policy and Terms, if appropriate, just to be absolutely honest and transparent with your subscribers about how you will use their data.  You might also want to suggest gently that if you've not heard from anyone by 25 May you'll have to remove them from your List. 


Once you've completed editing the template save and close it and then attach the template to an email campaign in the usual way to send out to your List(s).


Segmenting your List

Once you've sent out your re-permission emails you'll need to start segmenting your email Lists in exactly the same way as I showed you in my last tutorial so that you only send out the right emails to the right people.  

So I hope that answers a few of the questions I've been sent recently, and thank you so much for all your wonderful feedback.  

To download your free GDPR Email Marketing checklist click on the button below.


If you require more in-depth, legal advice about email marketing and GDPR please refer to the ICO, the Information Commissioner's Office.


As usual if you enjoyed reading my blog please give it a like below and share it with your friends.

You can also subscribe to my YouTube Channel and ensure you don't miss out on any more email marketing tips.