Skip navigation

By May 25th 2018, a new European privacy regulation called The General Data Protection Regulation (GDPR) will come into effect, and it will have a major impact on marketing and marketing automation. In this blog, I will share how we used Eloqua to deal with a couple of challenges the GDPR causes.

 

What is GDPR?
The GDPR regulates how companies protect EU citizens’ personal data and it applies to all companies selling to and storing personal information about citizens in Europe, including companies on other continents. Under the GDPR, individuals have:


1. The right to access – This means that individuals have the right to request access to their personal data and to ask how their data is used by the company after it has been gathered. The company must provide a copy of the personal data, free of charge and in electronic format if requested.
2. The right to be forgotten – If consumers are no longer customers, or if they withdraw their consent from a company to use their personal data, then they have the right to have their data deleted.
3. The right to data portability – Individuals have a right to transfer their data from one service provider to another. And it must happen in a commonly used and machine readable format.
4. The right to be informed – This covers any gathering of data by companies, and individuals must be informed before data is gathered. Consumers have to opt-in for their data to be gathered and consent must be freely given rather than implied.
5. The right to have information corrected – This ensures that individuals can have their data updated if it is out of date or incomplete or incorrect.
6. The right to restrict processing – Individuals can request their data is not used for processing. Their record can remain in place, but not be used.
7. The right to object – This includes the right of individuals to stop the processing of their data for direct marketing. There are no exeptions to this rule, and any processing must stop as soon as the request is received. In addition, this right must be made clear to individuals at the very start of any communication.
8. The right to be notified – If there has been a data breach which compromises an individual’s personal data, the individual has a right to be informed within 72 hours of first having become aware of the breach.

 

How we used Eloqua to deal with some of the implications of the GDPR
Obviously, the GDPR has lots of implications for all departments of companies, not just marketing or marketing automation. That is why a multidisciplinary project team was set up to inform and help out all departments to become GDPR compliant. This how we used Eloqua to deal with some of the implications of GDPR.

 

To deal with the right to access, the right to be informed, the right to have information corrected and the right to object for email marketing, we created a preference center with a double opt-in (DOI) service.

 

Preference center
In our preference center contacts can:


• subscribe and unsubscribe to emails about three business themes
• subscribe and unsubscribe to newsletters
• subscribe and unsubscribe to emails about seminars and events
• subscribe and unsubscribe to emails about training and education

 

These options are all connected to our Eloqua email groups. After the GDPR comes to effect, we can easily use the email groups in a segment to make sure that we only send out emails to the contacts who subscribed for it.

 

Furthermore, in the preference center contacts can also:


• check and change their contact details
• unsubscribe for all communications (when a contact unsubscribes, we ask him for a reason)

 

When a contact makes a change, he will always be asked to agree on the disclaimer and privacy statement, which are available on our website.

 

DOI process
To become GDPR-compliant a double opt-in is needed. Otherwise you can’t proof that your contact has given an opt-in. That’s why we created a DOI-process.

 

Scenario 1: Preference Centre
1. The contact gives an opt-in in the preference center.
2. The contact receives an email with a blind form to confirm (give a double opt-in).
3. When the double opt-in is given, the subscription is completed. The contact is redirected to a confirmation message in the preference center. In the preference center the contact can set-up other preferences.
4. All prove is stored in a CDO.

 

Scenario 2: Regular download or subscription to seminar
1. The contact gives an opt-in in a form, for example a form to download a whitepaper.
2. The contact receives an email with a blind form to confirm the opt-in (give a double opt-in)
3. When the double opt-in is given, the subscription is completed. The contact is redirected to a confirmation message in the preference center. In the preference center the contact can set-up other preferences.
4. All prove is stored in a CDO.
5. The contact also receives the download email.

 

scenario.png

 

The DOI-process is designed to make sure a contact in Eloqua will first confirm their email opt-in before they will get the globally subscribed status. When a new contact will enter the Eloqua database and gives an email opt-in (‘Yes’ on opt-in question), the contact will be globally unsubscribed. Immediately an email is send to this person with a link to confirm their global subscription. The link in the email will contain a blind form submit which will globally subscribe the person and confirm their subscription.

 

Contacts who do not confirm their subscription via this email within 2 days, receive a reminder email to confirm global subscription. This reminder email could only be send via a program builder step, as the contact has not confirmed their subscription yet (the person is still globally unsubscribed). For this reason the email in this program builder step needs to be send to unsubscribed contacts. Only by enabling the option ‘Allow email to be sent on unsubscribe’ the contact is able to confirm their global subscription, complete the DOI-process and be GDPR compliant.

 

CDO
All prove is captured in a CDO for future reference. For example:

• What is the source of the opt-in, e.g. a form on the website or someone provided their details during an event?
• What was the opt-in consent, what did they accept?
• On which date/time the action was done?
• On which date/time the confirmation of the DOI was done?

 

How to gather DOI’s
GDPR requires DOI to email contacts. That’s why we started to gather as much relevant DOI’s as possible, for example by:
• Adding opt-in questions to each form
• Adding a link to our preference center in the footer of each email
• Setting up specific DOI-campaigns in which we offer valuable content (for example a whitepaper)
• Asking subscribers to our newsletters to DOI
• Adding banners to our website with a link to our preference center
• Adding pop-up forms to our website with a link to our preference center

 

When we started our preference center and DOI efforts, we analyzed our database. We concluded that 14% of our contacts are the most relevant to us to DOI. The last three months, we realized a conversion of 4,6% on that group with the efforts as described above. We are very pleased with this first result. We are definitely going into the right direction, but we still have a long way to go. The next months we will develop full force all kinds of actions/campaigns to gather as much DOI’s as possible before May 25th.

 

Joined effort
As said, the GDPR will have a major impact on marketing and marketing automation. By using forms, CDO’s and email groups, Eloqua can be a big help in becoming compliant to the GDPR. But it will not do on its own. The way you deal with your customer data, set up your marketing campaigns, do your sales and store employee data: it is all going to change. It will affect your entire company. So, involve your colleagues, set up a project team and start to become GDPR-compliant!

Filter Blog

By date: By tag: