Read Time: 9 min

GDPR Re-permission Campaigns: 6 Tips for Making Them a Success


GDPR, the European Union’s new privacy law that goes into effect on May 25th, 2018, has been keeping email marketers on their toes. One of the biggest areas of change—and the one that’s been causing email marketers the biggest headaches—is the question of how to collect and store consent. We’ve written in detail about how GDPR raises the bar to a higher standard of consent, and how you can ensure your email consents meet the new requirements going forward. But GDPR not only applies to new consents collected after May 25th, but it also applies to all EU contacts you might already have in your database.

For any of your EU-based subscribers, if you don’t have GDPR-compliant consent—or if you’re unsure whether or not their consent is compliant—you won’t be allowed to send marketing emails to those subscribers anymore after the law is enforced. The only way you can keep those subscribers on your active mailing list is to collect GDPR-compliant consent before the May 25th deadline. This is where re-permission campaigns come into play.

A brief refresher: What’s a re-permission campaign?

The goal of a re-permission campaign is to refresh or update your subscribers’ email consent. While marketers might run re-permission campaigns for many reasons—some brands run re-permission campaigns as part of their list hygiene activities to keep their email lists clean—the GDPR deadline puts pressure on many brands to update their subscribers’ email consents to become compliant with the law.

But how do you run a successful re-permission campaign to bring your email list up to GDPR standards? Here are six tips, with plenty of examples from brands to draw inspiration from.

1. Take the time to define the audience, scope, and potential business impact of your campaign

With the GDPR deadline approaching quickly, it’s easy to want to jump straight into execution mode for your re-permission campaign. Don’t fall into that trap. Campaigns—no matter what kind—are most successful if they’re thoroughly thought through and well-defined.
Take the time to analyze the audience and potential business impact of your campaign. This helps you define the scope of your project, and makes it easier for you to get the appropriate resources to put it into action.

  • How many subscribers need to be re-permissioned?
    Refresh your knowledge on GDPR’s requirements for email consent, then analyze your current list and get an idea of the total number of contacts you don’t have GDPR-compliant consent for. What share of your total subscriber base does this equal to? If only a small portion of your list needs to be re-permissioned, your campaign (and the effort you invest into it) might look very different from that of a brand that needs to re-permission 80% of their list.
  • Are the contacts that need to be re-permissioned active subscribers?
    Look at the subscribers that you’ll need to re-collect permission from and break down who has actively engaged with your emails over the past month, quarter, or year. An active user base will make successful re-permission more likely, while low activity will mean that there’s a risk that your list will shrink significantly. Use these insights to inform your campaign—and to set the right expectations with stakeholders at your brand.
  • Calculate the business impact of successful (or unsuccessful) reconfirmation campaigns.
    If your brand can assign an average dollar value to an email subscriber, do the math and calculate the potential loss in case you can’t collect a fresh consent from subscribers who are subject to GDPR. The fact is, you’ll never re-permission 100% of your audience. But what’s the impact if you lose 30, 50, or 70% of the campaign’s target audience? This can help visualize the importance of a re-permission campaign and helps get your team (and boss) on board to prioritize GDPR re-permissioning over other activities.

Use these insights to make an educated decision about whether or not a re-permission campaign must be a priority for your team, and if it is, use these insights to argue for the time and resources you need to get your campaign off the ground.

2. Don’t just make it about GDPR—think about the benefit for the subscriber

Sure, you want to get your subscribers to update their consent so you can keep sending them email—but what’s in it for your subscribers? Think carefully about the benefit your subscribers get from taking action, then craft a message that clearly communicates this benefit.

Espares, a UK-based retailer for spare parts for electrical appliances, does a great job with that. They clearly communicate the value subscribers have been getting from their emails (“People like you who get our exclusive email offers have saved a staggering £67,969.”), and do a great job highlighting the benefits of staying subscribed.

Another great example that’s all about the subscriber experience is this beautiful email from ASOS. Rather than simply asking their subscribers to confirm their consent, ASOS makes this email all about giving the subscriber full power over what types of email they’d like to receive.

ASOS GDPR re-permission campaign

By updating their email preferences, subscribers can ensure that they only get the emails they really want to receive. And by actively confirming or changing their preferences, ASOS is also re-collecting consent.

3. Make re-permission campaigns multi-touch rather than a one-off send

A re-permission campaign doesn’t only have to be a single one-off email. Especially if you need to re-permission a large share of your subscriber base, and the potential business impact of unsuccessful re-confirmation is big, you might want to follow a multi-touch approach to increase the likelihood of subscribers taking action. For example…

  • Send multiple emails with an increasing sense of urgency
    Spread out your campaign over the coming weeks, and actively retarget subscribers who have not opened or acted on your messages. Keep in mind that other brands are working against the same deadline, so be wary about clogging up your subscribers’ inboxes.
  • Consider including a re-permission CTA in your regular emails.
    While standalone re-permission emails might be the most impactful way to refresh consent, that doesn’t mean you should limit yourself to including re-permission messaging to this type of email only. We love this approach by Selfridges, who prominently feature a re-permission CTA on the top of their regular promotional emails.

The bright yellow color in combination with the animated copy is a great way to catch subscribers’ attention without needing to send a standalone email. While the prominent re-confirmation CTA pushes the main content of the email further down and definitely distracts from the promotional content of the email, refreshing subscribers’ opt-in and having the opportunity to continue emailing them after the May 25th deadline might well be worth a temporary decrease in clicks or revenue from product promotions.

4. Think beyond email to update consent

As email marketers, it’s only natural to use email as the medium of choice to reconfirm your subscribers’ consent. But you don’t have to limit your efforts to only the email channel. Your website, social media, or other channels might be just as powerful to collect new or update existing consents.

Here’s a great example of how the British soccer club Manchester United uses their website to inform fans about changing requirements—and encourages them to reconfirm their email subscriptions.

5. Make your messaging fit your audience.

Are you targeting a marketer audience who are likely to be in the know about GDPR, and might understand the struggle of complying with the new law? In this case, mentioning the law and your efforts to become compliant might resonate well. If you’re serving a B2C audience, however, this might not be the most effective message. It’s important to know that even though you’re working towards GDPR compliance, that doesn’t mean you necessarily have to mention the law when asking your subscribers to reconfirm their subscription. This opens up opportunities to become more creative with your copy, and to be inspired by re-permission campaigns that have nothing to do with GDPR.

The ASOS email above is a great example of this. The email community spotted this email in their inbox recently—so the timing speaks for that email to be part of GDPR re-permissioning—but the email itself doesn’t mention the law at all. The same is true for this email by Optimizely that’s all about spring cleaning:

GDPR re-permission campaign by Optimizely

6. Use A/B testing to optimize your GDPR re-permission campaign

A/B testing is a powerful technique to find out which CTAs, copy, or design resonate best with your audience. Use the power of A/B testing as you finetune your GDPR reconfirmation campaigns, too.

The email community has already spotted popular brands using the power of A/B testing to discover the most effective email messaging and design to help bring consent to GDPR standards. For example, ASOS seems to be testing both the messaging and design of its re-permission campaign:

ASOS A/B testing their GDPR re-permission emails

Have more great GDPR re-permission examples? Share them with the Community

This blog post was made possible thanks to Steven Sayo, Jacques Corby-Tuech, and all the other fellow email geeks who helped collect examples of GDPR re-permission campaigns in the #emailgeeks Slack group and organized them in this spreadsheet. Make sure you check it out for even more email examples and inspiration.

Spotted another great GDPR re-permission campaign in your inbox? Add it to the comments below.

Learn more about GDPR

Looking for more information about GDPR and how you can make your program compliant? Learn more with these resources: