Back to Learning Center
Subscribe
Join 40,000+ sales and marketing pros who receive our weekly insights, tips, and best practices.
Thank you! You have been subscribed.
Learning Center
Learning Center
Close
The IMPACT Learning Center

Free resources to help you master inbound marketing and They Ask, You Answer

Access the Learning Center

Access the Learning Center

Access the Learning Center
learning_center_grey__What is They Ask, You Answer-v2-black

What is They Ask, You Answer

What is <span>They Ask, You Answer</span>
Articles, Podcasts, & Updates

Articles, Podcasts, & Updates

Articles, Podcasts, <span>& Updates</span>
Free Courses & Certifications

Free Courses & Certifications

Free Courses & <span>Certifications</span>
On-Demand Keynotes & Sessions

On-Demand Keynotes & Sessions

On-Demand <span>Keynotes & Sessions</span>
Events
Events
Close
IMPACT+ Membership
IMPACT+ Membership
Close
Services
Services
Close
Navigation_8_2021_taya

They Ask, You Answer Coaching & Training

They Ask, You Answer Coaching & Training
Navigation_8_2021_flywheel

Inbound Marketing Services

Inbound Marketing Services
Navigation_8_2021_website design - monitor

Website Design & Optimization

Website Design & Optimization
Navigation_8_2021_hubspot implementation

HubSpot Training & Implementation

HubSpot Training & Implementation
Navigation_8_2021_virtual selling

Virtual Sales
Training

Virtual Sales <br>Training
Navigation_8_2021_swell - paid ads

Paid Search & Social Services

Paid Search & Social Services
Become a Certified Coach
Become a Certified Coach
Close

What Should I Do With All These Privacy Policy Emails?

What Should I Do With All These Privacy Policy Emails? Blog Feature

May 30th, 2018 min read

Your inbox is a sacred place but, if you’re like the rest of us, last week, it was infiltrated by an onslaught of “privacy policy” emails from companies.

The emails likely came from companies you’ve purchased products/services from online or you’ve submitted your email address to subscribe to a newsletter.

Or, if you’re like me, companies you engaged with eons ago and then promptly forgot existed…

What? I’m a sucker for a ‘Sign up and receive 10% off!’ deal.

So, why are they emailing you now?
Well, on May 25th, the General Data Protection Regulation (GDPR) law officially came into effect, so it was time for companies to take action in order to be compliant.

But before we dive into what you can (and possibly should) do about these emails, let’s back up a second…

What is The General Data Protection Regulation (GDPR)?

Put simply, the General Data Protection law is the most recent in a chain of EU parliamentary measures designed to put the highest levels of protection around personal data.

From its charter: “The protection of natural persons in relation to the processing of personal data is a fundamental right”and this isn’t a big surprise for Europe as they’re focused more on the “consumer-first” point of view while American laws and regulations tend to favor business.

There are actually six different ways that companies can legally justify using personal data:

  1. With the individual’s unambiguous consent
    1. a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of their personal data, either by means of a statement or by a clear affirmative action.”
  2. Contractual obligation
    1. A common example of this would be processing an employee’s name, surname, and photograph to produce a company identification badge.
  3. In the legitimate interest of the data controller
  4. In the vital interests of the data subject
    1. Recital 46 gives examples of vital interests and public interest as those which require processing for humanitarian purposes (to control epidemics, for example) and situations of humanitarian emergencies, in particular in situations of natural and man-made disasters.
  5. In the public interest
    1. For example, schools may obtain a central sex offenders’ registry clearance certificate, which is required for everyone who works with minors.
  6. In compliance with legal obligations
    1. Some companies are required to preserve data and documents for a period of 5 years in compliance with Article 25 of Law 34/2002, of 11 July, on information society and e-commerce services.

Psst… if you’d like to know more about GDPR and how it affects HubSpot Marketers, definitely check out this our blog post, “May or Bust: Your Essential Guide to GDPR Prep for HubSpot Marketers.

But this blog post isn’t about GDPR, it’s about those dang emails.

So, Why The Privacy Policy Emails?

Now that companies are becoming GDPR compliant, it’s their responsibility to reach out to you if they’re unsure if they properly received consent from you and it’s not just the responsibility of companies located in the EU to reach out.

In fact, GDPR requires all companies who may have global customers need to confirm consent.

Personally, I love the way that this aggressive inbox tap on the shoulder has been explained by Tiffany Li, a resident fellow at Yale Law School’s Information Society Project and former in-house counsel for for the coding education startup General Assembly:

“I love the subject lines like ‘Please don’t leave us,’ ‘We value you,’” she says.

“The companies reaching out are like a bad boyfriend: They want you to stay, but they know they did something wrong.”

So, sure. It’s great that companies are reaching out and asking us to stick around but for other companies (we can think of them as ‘The Bad Boy Boyfriends’) who have avoided compliance, they’re getting hit hard right now.

Both Facebook and Google were hit with lawsuits on May 25th.

The complaint against Facebook was filed with Austrian data regulators, Google with French regulators, WhatsApp with German regulators, and Instagram with Belgian regulators as soon as the law went into effect at midnight.

The lawsuits, which seek to fine Facebook 3.9 billion and Google 3.7 billion euro (roughly $8.8 billion in dollars), were filed by Austrian privacy activist Max Schrems, a longtime critic of the companies’ data collection practices.

Those fines have got to hurt, however, it’s worth noting that both companies have publicly argued that existing measures were adequate to meet GDPR requirements.

So What Do I Need to Do With All These Privacy Policy Emails?

While it may be tempting to immediately delete the privacy policy emails t flooding your inbox, I want to ask you to hold on and think about it before you do that.

These companies are reaching out because they have some sort of personal data stored for you.  

It’s a great opportunity to ‘break up’ with those companies who you no longer want to be linked to.

Unsubscribe to email lists and close accounts with companies who you no longer shop with (or use - I’m looking at you Ello) and make sure you know and are comfortable with those people you don’t.

If you’re too slammed right now but understand the need to really look through these account and companies, consider creating an email folder for all of these emails.

You can go through that folder on the weekend or during the evening hours when you have some time.

It’s also a great time to really dive into how companies have updated their Privacy Policy to be compliant.

Many of the emails I’ve read explain that they’ve added additional information and transparency to their policies.

And, in the spirit of being transparent with the new compliance, companies have also made it very clear in these emails whether or not you need to take any sort of action and if so, what to do to make sure you’re comfortable. 

Indeed, for example, let me know that there wasn’t any further action I needed to take upon receiving the email - “By continuing to use our services, you agree to the updated terms.”  

Screen Shot 2018-05-29 at 2.47.13 PM

Ommwriter made it easy for me to unsubscribe if I no longer wanted to receive their emails by clicking a bold link under the signature and Medium actually suggested that users reach out via email with their feedback if we were unsure or unclear as to what it means for users of the site. That’s a nice personal touch.

Screen Shot 2018-05-29 at 2.47.49 PM

But, of Course That Doesn’t Stop the Internet From Cracking Jokes

Okay, I won’t spend a lot of time on this section but come on… the following are too good not to acknowledge…

Star Wars: The Last Jedi director Rian Johnson:

Screen Shot 2018-05-29 at 1.54.11 PM

Writer, director and comedian Zack Bornstein:

Screen Shot 2018-05-29 at 1.55.04 PM

Web-video Producer Marques Brownlee:

Screen Shot 2018-05-29 at 1.56.19 PM
Conclusion

At the end of the day, my recommendation is to read everything -- or at least skim it.

By taking stock in what companies have your information, and then either unsubscribing or staying connected, you’ll be smarter and more aware of who knows what, lower the risk of your data being compromised, and also
play a more active role in the experience/service you receive from these brands.

Consider this your opportunity to either break up with and stay in engaged in your corporate relationships.

Here Are Some Related Articles You May Find Interesting

Want to Contribute Content to impactplus.com? Click Here.

IMPACT+ Sign Up
A FREE online learning community with on-demand courses, hundreds of expert-led sessions, thousands of your peers ready to support you, and much more.
Check it out