GDPR Observations outside of xenForo

webbouk

Totally separate to xenForo and GDPR compliance...

One observation I have made is the number of emails flooding into my inbox requesting me to give xyz company my permission for them to continue to contact me after the 25th May.

From a business perspective building a rapport with your customer base is paramount, it's your customers who buy your goods and services which enable you to keep your business running.
Surely requesting your current customer base to individually reconfirm they still want to hear from you is going to kill many a company's mailing list, and as such ultimately their business?

It's a known fact that most people do not become repeat customers ... unless they are kept in the loop and your name is reminded to them.
Likewise a simple email extending an offer to a previous customer can prompt them to at least have a look if not make a purchase.

Most emails sent out will either be ignored, forgotten about, or lost and as such a company could well lose a large percentage of their current mailing lists overnight - and yet the people on the mailing list have already given their permission to be on it in the past, nothing has changed in that respect.
 
Surely requesting your current customer base to individually reconfirm they still want to hear from you is going to kill many a company's mailing list, and as such ultimately their business?
Definitely yes. But if they are doing this, they most likely don't have a choice not to do so - they do not have records proving that you double opted in to receive such emails and they are not direct advertising for goods/services you already purchased (in which case IANAL an opt-in is not necessary but you have the right to object at any time).

and yet the people on the mailing list have already given their permission to be on it in the past, nothing has changed in that respect.
As said before, the email addresses on the mailing list might have been gathered via opt-out or single opt-in, which is not sufficient consent for pure marketing.
 
Hmm one company whose mailing list I'm on has an interesting interpretation of the rules

This is what they're doing

So, over the next 10 days, I am going to send FOUR emails. This is email one of those four.

Anyone who doesn’t open one of the four emails, and who isn’t a current customer will be REMOVED from our customer database on 25th May.

When I replied suggesting that this breached GDPR, their reply was:

As someone who is on our database either because you are a previous customer, or have made an enquiry in the past, I am emailing you because (according to our records) you have not engaged with us for a while.

If you open the email, we propose to process your personal data (from the 25th May) using the legal ground of legitimate interest, NOT consent.

So, from a GDPR perspective, having completed a Legitimate Interest Assessment and Balancing Test, we believe that this is the most appropriate ground.

From a PECR (Privacy and Electronic Communications Regulations) point-of-view, we can communicate with you from a marketing perspective using either the soft opt-in approach or the fact that you are a company or corporate body (business to business).

See the ICO’s guidance on this https://ico.org.uk/for-organisation...elephone-marketing/electronic-mail-marketing/

We are also giving you the opportunity, even if you do open the email, to opt out and say that you do not want to stay on our database.

Furthermore, all future communications will give you the option to opt-out.

I hope this clears everything up.

With regard to your personal data, are you happy to remain on our database? If not, I will make sure that we take you off.
 
@Kirby

But surely then the footer in just about every email and/or text message I have received has the option to request to be removed from such mailing list and by not using it is in effect acceptance of it for future email/texts (sms)?

But the point I'm making is many businesses either through wrong advice, incorrect interpretation, or sheer panic could soon find themselves not being able to reach out to the customer base that they had; and we all know where that will end up.
 
Another thing I was wondering about today is will we see a noticeable drop in the amount of Spam being received as a result of GDPR?

I get all sorts of unsolicited offers from how to drop a dress size, weight loss, coins, bitcoin, vouchers, tickets, you name it, all ending up in my UK mail box, and they're just the ones that get past my filter.

Would the GDPR Sheriff and Deputies go after the spammers who flood the EU internet users with unsolicited offers on a daily basis on the grounds that they are storing email addresses to do so?
 
But the point I'm making is many businesses either through wrong advice, incorrect interpretation, or sheer panic could soon find themselves not being able to reach out to the customer base that they had; and we all know where that will end up.

I just mailed out to about 2000 members of my mailing list who I wasn't sure had actually opted in officially, inviting them to opt in now otherwise they would be taken off the list which also had 3000 opted in members.


So far I have had 300 opt ins to the list so it looks like my 5000 member list has reduced to 3300.

But I see this as a good thing because those who I have dropped don't want to be on the list, they wouldn't buy anything and were just bloating the list causing more expensive mailchimp campaigns. It's far better to have a small but well targeted list than a big spammy one.
 
But I see this as a good thing because those who I have dropped don't want to be on the list

Except I don't think that's necessarily true.

I've been flooded with so much GDPR crap like this that there's no way I'm going to sit and sift through it all. I'm sure there's a fair few companies in there whose emails I'd be happy to continue receiving, but I scanned past their opt back in email because I missed it or was too busy to read it at the time but I'm not going to go back and hunt for it.

a company could well lose a large percentage of their current mailing lists overnight - and yet the people on the mailing list have already given their permission to be on it in the past

If that's the case they don't have to send out another opt in email though, do they?
 
Most emails sent out will either be ignored, forgotten about, or lost and as such a company could well lose a large percentage of their current mailing lists overnight - and yet the people on the mailing list have already given their permission to be on it in the past, nothing has changed in that respect.

Which is why I only sent my "GDPR" email to people who hadn't specifically opted in. (Via mailchimp list segment)
 
If that's the case they don't have to send out another opt in email though, do they?

Under the actual GDPR rules as far as I know they don't as people would have previously opted in under the previous cookie policies.
However try telling that to a lot of companies who are either in receipt of bad advice or are interpreting the rules themselves incorrectly.

I had one email today offering me the chance to go into a free draw to win an Apple Watch if I sign up to their new newsletter - that flies bang in the face of the new GDPR rules as in no incentive or reward can be offered to get people to accept

It's all going to end in tears
 
Another observation - does a company have to ensure all their employees who access the company's intranet give their consent to receive notifications and also have their PII stored?

You would have thought all that information and more is already stored by the company's HR department.
 
I had one email today offering me the chance to go into a free draw to win an Apple Watch if I sign up to their new newsletter - that flies bang in the face of the new GDPR rules as in no incentive or reward can be offered to get people to accept

It's all going to end in tears

lol - look at what I just got, one of the biggest XF forums are doing just that 😂

[Attached image: 1527111239519.webp]
 
I really wonder if anyone is going to complain and make a report to authorities. For every company that is GDPR compliant there are 20 more that aren't and don't even know what it is.
 
For every company that is GDPR compliant, there are probably thousands that are not and really do not care because the UK can not do diddly squat in their country.
 
My mum got a full A4 page letter with GDPR info about how her hair dresser handles her personal data today :rolleyes:

I'm all for having control over your data and I think GDPR is a great idea in theory. I actually think forum users should have the final say over whether their content can be deleted at the user request or not. Users should have control and final say over their data and content.

But I did have to laugh when I got a photo sent to me, taken from her hair dressing appointment promising that they won't sell her data, and give her the option to manage her data, ie. her mobile number stored on the stylist's mobile phone. :ROFLMAO:

I can't imagine someone taking Ms Sole Trader hair stylist to court for 4% of her annual turnover for failing to delete a customer's number and sending her a Christmas discount voucher via text or email.

Still, I shouldn't laugh. Due diligence from even the small companies is what makes this work. Then again, as it's been said, there's probably 20 more that DGAF and the data will end up out there being bought, sold and mined anyway. I wonder how much data Facebook is mining from B2C relationships like this where businesses have customers' mobile numbers stored on their phone. I don't know what to think anymore.
 
Hmmm....local high street hair stylist....yep, 4% it is then! ;)

Crunching the numbers now though, that's still a decent chunk of change, especially for someone earning 20-50k, that's 800 - 2K units of your favourite local flavour of currency. Not to be sniffed at.
 
Hmmm....local high street hair stylist....yep, 4% it is then! ;)

Crunching the numbers now though, that's still a decent chunk of change, especially for someone earning 20-50k, that's 800 - 2K units of your favourite local flavour of currency. Not to be sniffed at.
So you are saying stylists make over 500,000,000...?

The law states 4% of net income OR 20M Euros, whichever is higher. For 4% to be higher, net income would have to be over 500,000,000!
 
You're absolutely right, I'm a derp, that means let's charge the stylist 20M Euro.

However makes even less sense now, let's put small businesses and their clients through the stress and hassle of this via threat of putting them into debt for eternity. Yeah, that'll keep everyone's data in check. Better send out that generic opt in email to stay within the law and avoid that 20M Euro fine that will never get challenged or paid.
 