Comply with GDPR and set up double opt-in

Business Benefits

Ensure you are compliant with all email marketing GDPR rules to avoid legal complications.


Setup positive opt-in on all data collection points including onsite pop-ups and lead magnets.

GDPR requires that a user must actively confirm their consent, such as checking an unchecked opt-in box on a data capture form or confirming via email consent to receive marketing. Whenever a new subscriber is presented with the option to receive email marketing, you must ensure they have given active permission. Do not autocheck consent boxes, the user must actively do this. Your email marketing provider will have GDPR options you can setup in your account under your account settings page.

Keep consent requests separate from other terms & conditions as GDPR requires.

Do not bundle consent with your terms and conditions, privacy notices, or any of your services, unless email consent is necessary to continue using a service. If someone downloads content from your website, they must have the option to subscribe to marketing emails by checking a box. Signing up for email marketing must be optional, they should be able to access the content without subscribing to your marketing emails.

Include a visible and simple unsubscribe option in all marketing email footers.

Do this by inserting a copy that says click here to unsubscribe. Then hyperlink the text and insert your platform’s unsubscribe link. You can find this link by going into Settings > Preference Settings and copying the unsubscribe link. Your email marketing platform may automatically insert an unsubscribe link in your footer.

Publish a comprehensive privacy policy on your website that outlines how a user’s data will be used, what personal data is collected and if you will be sharing their data with a 3rd party.

You must link to your privacy policy in the footer of all marketing emails.

Store consent record for each user detailing who gave consent, when consent was given, what the user consent to receiving.

Data and lead collection applications will add this information automatically, however if you’re collecting the data manually you will need to ensure you add a column for each of the records detailing identity, when they signed up, and for what purpose they signed up. For example, promotional emails or a newsletter. You must not share a users’ data with a third party for marketing purposes.

Recommended data collection apps: Privy, Jotform, and Sleeknote.

Clearly indicate the identity of the sender of your emails with sender name and email address.

Also include a company address in the footer of your email. Set sender name to your company name or John from Company X.