Setting Up Yotpo SMS & Email to Comply With GDPR
This information is not legal advice. While we do our best to provide useful information as a starting point, Yotpo SMS & Email advises all merchants to obtain professional legal advice to ensure that all marketing campaigns are sent in full compliance with all applicable laws.
If you plan to send SMS marketing messages to citizens of the European Union, you must adhere to the GDPR. To do so, you must follow a couple of simple and easy steps presented in the following article.
What is the GDPR?
GDPR stands for the General Data Protection Regulation that went into effect in May 2018. It protects the privacy and personal data of individuals within the European Union and addresses data protection and privacy in the European Union and the European Economic Area.
GDPR centralizes the rules and processes businesses must follow in order to protect and respect the interests of European citizens.
How to Stay Compliant with the GDPR
When sending marketing messages to EU citizens, you must:
Obtain explicit consent.
Include a free and available opt-out mechanism at all times.
A consumer opt-in to receive messages should not be transferable or assignable, and message senders should not use opt-in lists that have been rented, sold, or shared.
With Yotpo SMS & Email, consent can be obtained at your store’s checkout or via our various subscriber collection tools. All of them are built-in for compliance with all legal regulations and include the required legal verbiage.
Remember that having consent for SMS doesn’t apply to sending other types of promotional messages (i.e., email).
Providing an Opt-out Method
The GDPR requires you to honor their “right to be forgotten” and give customers clear instructions on how to opt out, such as an opt-out link in your text messages. It is important to remember that opting-out must be free and available at all times.
The Yotpo SMS & Email campaign text editor automatically includes an opt-out link to all your text messages and ensures compliance at all times. If a customer requests to have their personal data deleted from our servers, please forward their number to firstname.lastname@example.org, and we will act on it.
How your brand is collecting and using customers’ data.
How that data is being secured by you and by any data processors (i.e., Yotpo SMS & Email) you're working with.
How you enable and support your customers’ rights to understand and control their personal data.
This was our quick guide on staying compliant with the GDPR before sending marketing messages to EU citizens. Don’t hesitate to go to our Knowledge Base for more useful articles, or contact us if you have any questions or feedback.
Australia’s Anti-Spam Legislation
Complying with US SMS marketing regulations