How to Keep GDPR Records of Consent for Your Subscribers
The GDPR (General Data Protection Regulation) requires that you can prove the nature of consent between you and your subscribers. That means you must keep comprehensive records of how subscribers joined your list if you want to comply with the law.
But keeping records of consent for your subscribers can seem daunting, no matter what your email list size.
Fortunately, it doesn’t have to be difficult or time consuming.
Below are two simple ways you can keep records of how you collect subscribers’ personal data.
Disclaimer: This blog post is for informational purposes only, and you should not consider it legal advice. We recommend that you seek legal and other professional counsel to determine exactly how the GDPR might apply to you.
Two key data points to record for GDPR consent
To prove you are GDPR compliant, you must be able to prove what a subscriber has consented to when signing up for your list. There are two parts to this:
- the sign up source (i.e. the webpage they visited to sign up)
- a copy of the form or mechanism they used to sign up at the time they subscribed
AWeber automatically records the sign up source within your subscribers’ records, so we have you covered there.
But it’s a bit more complex to record a copy of the sign up form. Why? Because you may have more than one sign up form on your site, or you may change your form from time to time, making it difficult to show exactly what the sign up form looked like at the time of signup.
The best way to record a copy of your sign up forms will depend on a few factors:
- Do you have have multiple email sign up forms?
- Do you regularly change your email sign up forms?
- Do you run split tests on your email sign up forms?
How you answer these questions will impact the way in which you keep records of your sign up forms.
“I only have a single sign up form, and NEVER change it or run split tests on my form.”
If you have a single sign up form that never changes, you should be able to manually record it since all subscribers join your list the same way.
Once you’ve created a record of your sign up form, save the file in multiple places, such as your computer, an external hard drive, and a cloud-based storage service like Google Drive or Dropbox.
“What if I change the signup form later?” No problem. All you have to do is repeat the process above to make a new manual record, and add the details to your documentation. Be sure to retain the old record, too.
“I have multiple signup forms, I change my form regularly, or I run split tests on my forms.”
It would be a lot of work to manually record and manage multiple or changing signup forms, while also verifying which subscribers came through specific versions of the forms.
In this case, we recommend using a service like optinopoli to automate the recording process. We discovered this service when were looking for ways to make GDPR consent recording easier for our AWeber customers. In our research, we haven’t been able to find any other tools that automate the recording process in this way. (If you know of one, please tell us in the comments below!)
But quick note: In order to use optinopoli’s auto-recording feature, you’ll need to sign up for one of their paid accounts, which starts at $19 per month. AWeber is not an affiliate of optinopoli.
How to auto-record signup forms
optinopoli, which integrates with AWeber, is a signup form tool designed to help you collect subscribers on your website and grow your list.
Unlike other sign up form builders, it has the ability to automatically record the version of the sign up form used by each of your subscribers.
Here’s how it works to record your forms:
For each new subscriber coming through an optinopoli™ form on your website, the app sends you a notification via email. These notifications are optional, but you’ll need to leave it on to take advantage of the auto-recording facility.
I recommend setting up a filtered folder in your inbox make managing all of the notifications easier (and to save your inbox from getting clogged!). You can receive and store these notifications in there.
Another alternative: Create a separate email account where these notifications can be sent and stored.
Within the notification, you’ll see a link for the sign up form used. If you click the link, you’ll see the exact form used by the subscriber displayed in a new browser window.
If you’re running a split test on your forms, the app will also record any variations of the form. You’ll get the record of the actual form used by the subscriber.
Pro tip: Set the lead notifications to go to a cloud-based email account, such as Gmail, where the emails can be safely and permanently stored in the cloud.
Once you’re set up with optinopoli, be sure to test your new form and lead notification. Make sure your notification contains the link to the auto-recorded signup form.
Following the steps outlined above enables you to keep comprehensive records of consent for your subscribers. Questions? Ask me below!