Building Your Mailing List? Always Get Consent!

Make Your Mailing List GDPR Compliant

Full disclosure, I am not a lawyer.

This post is how I have interpreted GDPR law based on reading up about it and from watching webinars and classes.

It is best you speak to your Lawyer about how GDPR affects your specific business.

Here is how I intend to follow GDPR law.

I try building my mailing list in different ways; one such method is via giveaway collaborations with other businesses. Here is the irony whenever I take on any form of list building activity:

  1. Personally, I tend not to sign up to other peoples’ mailing lists unless what they offer is something I want or need;
  2. I am also very quick to unsubscribe from mailing lists if I get too many emails in my inbox.

These two things make me happy about GDPR and in a way would like to see this law implemented worldwide.

Yes, it would mean fewer people sign up to my mailing list, then again, those that sign up are interested in what I am offering. The more people that sign up, the more validation I get that I am heading in the right direction. I use the number of people who sign up to my mailing lists as one of my business KPIs - Key Performance Indicators.

What Is GDPR?

GDPR stands for General Data Protection Regulation. It is a law that applies to how businesses collect, store and use data from those within EU countries. Here are some things everyone should know about GDPR:

For each person you receive data from, you need to get permission to contact them for each contact method you use. So, if you usually email your list with coupon codes, send newsletters or flyers through the post, you will need to get permission to contact them using each of these methods.

If you are offering a freebie on your site, you have to give people the freebie. However, you can not email them or add them to any form of direct marketing lists unless they have permitted you to contact them. So, gone are the days of adding people to your email list and marketing to them immediately afterward.

Who Is Affected?


Any business that deals with people residing in the EU will be affected by the GDPR law, regardless of where your business is located.

So, if you run an eCommerce store, have a blog or provide a service where you get customers and clients from around the world, it is best to adopt General Data Protection Regulation practices on your site.


Regardless of nationality, if you live within EU borders, you have to give permission for companies to contact and market to you for each medium used. Types of mediums could be via post, phone calls, email or newsletters.

Why I Like GDPR?

There are a few reasons I like the implementation of GDPR. 

Business Reasons I Like GDPR

As a business owner, I like the introduction of GDPR as it provides an opportunity for the following:

  • List scrubbing

As people are not grandfathered in, you need to make contact with everyone on your email list asking for permission to contact them using the different mediums you use to market to them.

  • An engaged list

Those who agree to stay on your list will be more engaged as they have had an opportunity to be removed from your list and choose to stay.

An engaged list is a better list to strive for. There is a higher chance of being able to upsell to them as they have shown interest in what you have to offer

  • Saving money

The more people you have on your list, the higher the subscription fee paid to companies like MailChimp, ConvertKit and MailerLite. By having fewer people on your list, you may be able to move to a lower priced plan.

Personal Reason I Like GDPR

From a personal perspective, if I lived in the EU or spend an extended amount of time there, I would be able to get the giveaways without fear of getting onto random email lists.

Steps To Take To Make Your Mailing List compliant.

Privacy Policy

Update your privacy policy and have the following mentioned

What information you are collecting

Specify the information you are collecting from each person, such as first name, last name, email address, phone number and so on.

How are you using the information

This is where you outline how you intend to use the information you collect. For instance, the information I collect on my site is used to keep those on my email list informed with projects I am working on, classes I create, asking for collaborators and thoughts I have on running a business.

Third Party Providers

Which third party providers are you sharing data with and how are they using it. For instance, MailChimp collects and stores the data I collect, Simvoly is who my site is hosted with and is the vehicle I use to collect data. Even though neither of these providers is going to use my data, they should still be mentioned.

Opting Out

Outline how people can opt out of being on your list. Perhaps make it easy for people to do this, by adding an unsubscribe button or link in the footer of your website.

Get Permission

Give people the option, using checkboxes, to agree with you communicating with them using different methods. Such as by post, email, newsletters etc

Final Thoughts

Start thinking less is more. Fewer people will sign up to your mailing list. However, those who do are happy to hear about what you are doing. So, be sure to offer people who are on your list things they want or need.

This law to me does not appear to be as complicated a concept as I first thought. This could be because I am still building my email list.

It is all about getting consent from people to communicate with them using the methods your business already uses. Being truthful with them on what the information you are collecting on them is going to be used for is something else General Data Protection Regulation requires.

Even though this law applies only within the EU borders at present, it is only a matter of time before other countries start to adopt this or similar laws as privacy issues remains at the forefront of our minds.

For this reason, SloppySuccess #makeastart is adopting working towards complying with GDPR laws in all mailing list building activities.

Links on this post may be affiliate links, which will provide me with a small commission if you make a purchase using my link. Images were created using Visme.


To find out more about GDPR, here are a couple of classes on Skillshare that may be of interest. 

EU GDPR: General Data Protection Regulation 2018 - The Essential Course 

This class is delivered by an International Business Consultant. It informs you of what you need to be careful about. The fifth lesson in this class is particularly interesting as it goes through the six principles of the General Data Protection Regulation.

GDPR - in a nutshell

This class provides an overview of the data protection regulation. It also outlines the six principles along with the accountability principle. 

To be transparent, watching these class requires you to sign up to SkillShare, which is an online learning platform with classes on a variety of topics.

Get updates from SloppySuccess #makeastart

in your inbox

Your cart is empty


Shopping Cart

View Details
Sold Out