Opt in checkboxes & consent for email marketing
re your opt in checkboxes really obtaining consent for email marketing? If you’re marketing to EU citizens – directly or indirectly – you need to keep GDPR requirements in mind. Why? Well, when it comes to checkboxes, only a few options really allow you to prove that you have consent.
In this blog post, we’ll look at best practice tips for opt in checkboxes. While it might be easier to grow your email list with ‘worst practice’ approaches, focusing on best practice helps you:
a.) protect your business from data misuse complaints;
b.) carefully store opt in confirmation data to allow for easy auditing;
c.) give users the best possible experience, allowing them to remain in control of their personal data & how it’s used.
FORMS, CONSENT & GDPR
If someone fills in a service enquiry form on your site, you can call & / or email them to discuss your service. You don’t instantly have permission to add them to your subscriber list. Unless, that is, they’ve ticked a checkbox opting in or signed up via another form.
To add someone to your subscriber list, they need to give you their permission to do so. This is referred to as consent. Consent should specifically be for your email marketing service. If you just start adding everyone to your email list, you could find:
a.) Email engagement rates dropping;
b.) Complaint rates & unsubscribes increasing;
c.) A growing number of people saying negative things about your brand;
d.) Complaints about ‘nuisance emails’ made to the Information Commissioners Office (ICO);
e.) Requests for a formal investigation into your email collection practices with a hefty fine if you’re not in compliance with applicable regulations.
Want to know more about what consent is & why it’s important? I recommend taking a good look at the ICO’s guidance on consent under GDPR.
When it comes to consent, the ICO’s guidance tells us that it:
“must be unambiguous & involve a clear affirmative action… Genuine consent should put individuals in control, build trust & engagement & enhance your reputation… [It] must be freely given… [it] should be obvious & require a positive action to opt in.”
WORST PRACTICE: OPT IN CHECKBOXES & CONSENT
The best way to start understanding consent & issues surrounding opt in checkboxes is to look at a few examples.
Example #1: Using pre-ticked checkboxes
What’s so wrong about pre-ticked checkboxes? Remember that consent requires a “clear affirmative action”. Not unticking a box could be an oversight. Proving that you have consent because someone didn’t take an action isn’t easy. Think about it: how many times have you filled in a form & glossed over the checkboxes & fine print?
In the example below, we see a form from an Australian department store. You might think that this isn’t relevant, but if you’re offering international shipping, you could be collecting data from EU citizens. The brand uses a pre-ticked checkbox to obtain consent. As discussed above, not unticking doesn’t require a “clear affirmative action”.
Example #2: Expecting people to opt-out by ticking the checkbox
I’m sure you’ll agree with me when I say that we’re all used to ticking a checkbox to opt in. So, what happens when we have to tick one to opt out? Sure, it’s a great (sneaky) way to boost subscribers, but is it really best practice? Will your users be engaged & happy if they’re surprised to see your emails in their inbox?
Now, the example below isn’t a really bad ‘worst practice case’. It makes sense that a user would receive reminder emails about an event. After all, they have just signed up to attend. The downside here is that it:
a.) Requires people to opt out by unticking;
b.) Combines opt in for reminders about this event with notifications about undefined related events.
The problem? This takes full control away from users, which makes consent potentially questionable.
Example #3: Forcing someone to sign up to access your service / product / promotion
This screenshot needs no explanation. I’ve tried to sign up to attend this brand’s publicly available webinar. However, when trying to join, I’ve discovered that I not only have to become a member, I also need to subscribe to their email marketing. So, what did I do? I didn’t tick the box &, consequently, I didn’t attend the webinar. If I had opted in, how might I have reacted? Would I have unsubscribed right away or been unengaged, ignoring emails? How would I have felt? Things like this need to be considered when selecting checkboxes. GDPR encourages best practice; putting yourselves in the customer’s shoes when reviewing your forms is key.
Now, more importantly, with a form like this, you’ve taken control away from the user. You’ve forced them into subscribing. Take another look at the requirements of consent – it must be given freely.
Below, we see another screenshot of a brand forcing users into subscribing. This type of issue could occur intentionally or unintentionally. When building forms, you want to make sure that all important questions are answered. However, when you mark a question as ‘required’, it means that the the form can’t be submitted until each ‘required’ question is answered. When it comes to checkboxes, the only way to satisfy the answered requirement is by ticking the box. This means that consent is forced, even if that’s not what you were intending. The key takeaway here? Always test your forms!
Example #4: Combining terms & conditions with email sign ups
Let’s recap: when your users give you consent, it must be specific & given freely. Just because one of your users agrees with your terms & conditions, doesn’t necessarily mean that they want to receive email newsletters. As seen in the screenshot below, combining consent takes control away from your users. It forces them to subscribe if they want to download your report or purchase your service.
BEST PRACTICE FOR OPT IN CHECKBOXES
Now, we’ve focused on GDPR a lot in this blog. However, there’s one thing that we haven’t yet considered: GDPR puts users’ needs first. As businesses, we want to be reaching out to people who want to hear from us. We need to be spending our time & money on those who are likely to engage with us & buy from us. We all want to grow our email lists, but it’s worth keeping the following in mind:
a.) Will using checkboxes in the same way as worst practice examples give you the engaged list you’re looking for?
b.) Is it better to focus on quality & allow users to give you their consent as & when they’re ready to fully trust you with it?
c.) How do you feel when you’re the user & you’re tricked into giving your email address? Or forced into sharing personal details?
I’m all for growth, but I also believe that there’s a lot to be said for quality over quantity. I’ve regularly seen the results of a quality-driven marketing focus. It’s sustainable & it’s great for your bottom line.
Let’s move onto a few best practice examples. I’ve selected these examples because they give users control over what they’re consenting to. They also make it incredibly easy for marketers & business owners to prove consent was given freely – a must-have if you ever get audited.
Example #1: A clear, positive action for each type of consent
In this great example from SEMRush, there’s no pre-ticked checkboxe or need to tick to opt out. Users must take “clear affirmative action” to give their consent. What’s more,
the checkbox for terms & conditions & privacy are completely separate from the subscriber sign up. If a user ticks a checkbox, there’s no ambiguity around what they’re consenting to.
Example #2: No ambiguity & separate opt in checkboxes
It’s not hard to see why I love this example from WoolOvers. The brand has gone above & beyond, asking users to tick yes or no. Each area requiring consent has also been separated. That means that, when it comes to consent, there’s absolutely no ambiguity. The only problem with this form is that it doesn’t provide more detail about ‘carefully selected third parties’. This takes some control away from the user as they’ve no idea who these third parties may be.
CHECKBOXES & CONSENT
As you’ve seen, you can use opt in checkboxes in a number of ways. However, to truly gain consent for email marketing, it’s a good idea to take inspiration from the best practice examples.
While GDPR & best practice do make list building a little more difficult, they put the user first. As business owners & marketers, we need to be doing the same, earning trust & respecting our users’ data. Doing so might not give us as many email addresses as we want, but it will help us build a high quality list of engaged users. & that’s where sales come from. ♦
Please note that the tips & examples shown here do not constitute legal advice for GDPR purposes. For company specific, GDPR advice & strategy, please contact a registered GDPR specialist or get in touch with your lawyer.
Get it all – subscribe to our newsletter
ABOUT THE AUTHOR
Amanda Beylkin is the founder of Words on Marketing. She began her marketing career in Australia in 2005, working for an early stage startup. Since this time, she’s worked with brands big & small, from Microsoft & Montcalm Luxury Hotels to Quiz Clothing & cranberry panda. Now based in London, she spends her days helping individuals & brands achieve more with marketing.