Skip to main content
Services
TAYA

They Ask, You Answer Mastery

A coaching & training program that drives unmatched sales & marketing results.

Sales

Sales Performance Mastery

Improve the competencies and close rates of your sales organization.

Web design

Website Mastery

Web design, development & training for your team.

HubSpot

HubSpot Mastery

Everything you need to get the most from HubSpot.

AI Mastery

AI Enablement Mastery

Unlock the power of AI in all aspects of your revenue operations.

Discover how IMPACT’s services can help take your business to the next level. Book a free 30-minute coaching session Book a free 30-minute coaching session
Learning Center
Learning Center

Learning Center

Free resources to help you improve the way you market, sell and grow your business.

[NEW] The Endless Customers Podcast is now available everywhere. Learn how to earn trust & win more customers in the age of AI. Listen Now Listen Now

Free Assessment: How does your sales & marketing measure up?

Close

Free Assessment:

How does your sales & marketing measure up?
Take this free, 5-minute assessment and learn what you can start doing today to boost traffic, leads, and sales.
Kate Fodera

By Kate Fodera

May 30, 2018

Topics:

Data Security
Subscribe
Join 40,000+ sales and marketing pros who receive our weekly newsletter.

Get the most relevant, actionable digital sales and marketing insights you need to make smarter decisions faster... all in under five minutes.

Thanks, stay tuned for our upcoming edition.
Data Security

What Should I Do With All These Privacy Policy Emails?

Kate Fodera

By Kate Fodera

May 30, 2018

What Should I Do With All These Privacy Policy Emails?

Your inbox is a sacred place but, if you’re like the rest of us, last week, it was infiltrated by an onslaught of “privacy policy” emails from companies.

The emails likely came from companies you’ve purchased products/services from online or you’ve submitted your email address to subscribe to a newsletter.

Or, if you’re like me, companies you engaged with eons ago and then promptly forgot existed…

What? I’m a sucker for a ‘Sign up and receive 10% off!’ deal.

So, why are they emailing you now?
Well, on May 25th, the General Data Protection Regulation (GDPR) law officially came into effect, so it was time for companies to take action in order to be compliant.

But before we dive into what you can (and possibly should) do about these emails, let’s back up a second…

What is The General Data Protection Regulation (GDPR)?

Put simply, the General Data Protection law is the most recent in a chain of EU parliamentary measures designed to put the highest levels of protection around personal data.

From its charter: “The protection of natural persons in relation to the processing of personal data is a fundamental right”and this isn’t a big surprise for Europe as they’re focused more on the “consumer-first” point of view while American laws and regulations tend to favor business.

There are actually six different ways that companies can legally justify using personal data:

  1. With the individual’s unambiguous consent
    1. a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of their personal data, either by means of a statement or by a clear affirmative action.”
  2. Contractual obligation
    1. A common example of this would be processing an employee’s name, surname, and photograph to produce a company identification badge.
  3. In the legitimate interest of the data controller
  4. In the vital interests of the data subject
    1. Recital 46 gives examples of vital interests and public interest as those which require processing for humanitarian purposes (to control epidemics, for example) and situations of humanitarian emergencies, in particular in situations of natural and man-made disasters.
  5. In the public interest
    1. For example, schools may obtain a central sex offenders’ registry clearance certificate, which is required for everyone who works with minors.
  6. In compliance with legal obligations
    1. Some companies are required to preserve data and documents for a period of 5 years in compliance with Article 25 of Law 34/2002, of 11 July, on information society and e-commerce services.

Psst… if you’d like to know more about GDPR and how it affects HubSpot Marketers, definitely check out this our blog post, “May or Bust: Your Essential Guide to GDPR Prep for HubSpot Marketers.

But this blog post isn’t about GDPR, it’s about those dang emails.

So, Why The Privacy Policy Emails?

Now that companies are becoming GDPR compliant, it’s their responsibility to reach out to you if they’re unsure if they properly received consent from you and it’s not just the responsibility of companies located in the EU to reach out.

In fact, GDPR requires all companies who may have global customers need to confirm consent.

Personally, I love the way that this aggressive inbox tap on the shoulder has been explained by Tiffany Li, a resident fellow at Yale Law School’s Information Society Project and former in-house counsel for for the coding education startup General Assembly:

“I love the subject lines like ‘Please don’t leave us,’ ‘We value you,’” she says.

“The companies reaching out are like a bad boyfriend: They want you to stay, but they know they did something wrong.”

So, sure. It’s great that companies are reaching out and asking us to stick around but for other companies (we can think of them as ‘The Bad Boy Boyfriends’) who have avoided compliance, they’re getting hit hard right now.

Both Facebook and Google were hit with lawsuits on May 25th.

The complaint against Facebook was filed with Austrian data regulators, Google with French regulators, WhatsApp with German regulators, and Instagram with Belgian regulators as soon as the law went into effect at midnight.

The lawsuits, which seek to fine Facebook 3.9 billion and Google 3.7 billion euro (roughly $8.8 billion in dollars), were filed by Austrian privacy activist Max Schrems, a longtime critic of the companies’ data collection practices.

Those fines have got to hurt, however, it’s worth noting that both companies have publicly argued that existing measures were adequate to meet GDPR requirements.

So What Do I Need to Do With All These Privacy Policy Emails?

While it may be tempting to immediately delete the privacy policy emails t flooding your inbox, I want to ask you to hold on and think about it before you do that.

These companies are reaching out because they have some sort of personal data stored for you.  

It’s a great opportunity to ‘break up’ with those companies who you no longer want to be linked to.

Unsubscribe to email lists and close accounts with companies who you no longer shop with (or use - I’m looking at you Ello) and make sure you know and are comfortable with those people you don’t.

If you’re too slammed right now but understand the need to really look through these account and companies, consider creating an email folder for all of these emails.

You can go through that folder on the weekend or during the evening hours when you have some time.

It’s also a great time to really dive into how companies have updated their Privacy Policy to be compliant.

Many of the emails I’ve read explain that they’ve added additional information and transparency to their policies.

And, in the spirit of being transparent with the new compliance, companies have also made it very clear in these emails whether or not you need to take any sort of action and if so, what to do to make sure you’re comfortable. 

Indeed, for example, let me know that there wasn’t any further action I needed to take upon receiving the email - “By continuing to use our services, you agree to the updated terms.”  

Screen Shot 2018-05-29 at 2.47.13 PM

Ommwriter made it easy for me to unsubscribe if I no longer wanted to receive their emails by clicking a bold link under the signature and Medium actually suggested that users reach out via email with their feedback if we were unsure or unclear as to what it means for users of the site. That’s a nice personal touch.

Screen Shot 2018-05-29 at 2.47.49 PM

But, of Course That Doesn’t Stop the Internet From Cracking Jokes

Okay, I won’t spend a lot of time on this section but come on… the following are too good not to acknowledge…

Star Wars: The Last Jedi director Rian Johnson:

Screen Shot 2018-05-29 at 1.54.11 PM

Writer, director and comedian Zack Bornstein:

Screen Shot 2018-05-29 at 1.55.04 PM

Web-video Producer Marques Brownlee:

Screen Shot 2018-05-29 at 1.56.19 PM
Conclusion

At the end of the day, my recommendation is to read everything -- or at least skim it.

By taking stock in what companies have your information, and then either unsubscribing or staying connected, you’ll be smarter and more aware of who knows what, lower the risk of your data being compromised, and also
play a more active role in the experience/service you receive from these brands.

Consider this your opportunity to either break up with and stay in engaged in your corporate relationships.

Free Assessment:

How does your sales & marketing measure up?
Take this free, 5-minute assessment and learn what you can start doing today to boost traffic, leads, and sales.

Related Articles

The AI Best Practice Guidelines Your Company Needs

September 1, 2023
Marcus Sheridan Marcus Sheridan

The 4 Top Business Analytics Platforms for Data-Hungry Organizations

June 20, 2022
John Becker John Becker

HubSpot and Data Privacy: How to Collect Contacts the Right Way

October 4, 2021
John Becker John Becker

Google: 'Here's how to prepare for the future private web'

July 16, 2021
Liz Murphy Liz Murphy

Apple Mail privacy news spooks email marketers, newsletter creators

June 16, 2021
Liz Murphy Liz Murphy

Virginia Consumer Data Protection Act (VCDPA) is now law, but so what?

March 8, 2021
Liz Murphy Liz Murphy

Your visitors will see your forms aren't secure with new Google update

August 27, 2020
Karisa Hamdi Karisa Hamdi

EU: Google Analytics, Facebook Connect use could warrant legal action

August 24, 2020
Katie Coelho Katie Coelho

Apple's privacy update: What does it mean for your mobile ad strategy?

July 24, 2020
Eric Choma Eric Choma

Data privacy update: How the CCPA affects you and your paid advertising

July 15, 2020
Dan Baum Dan Baum

GoDaddy vs. WP Engine: How they compare when your website gets hacked

July 2, 2020
Daniel Escardo Daniel Escardo

If COVID-19 forced your business online, you need to update your privacy policy

July 2, 2020
Stephanie Baiocchi Stephanie Baiocchi

Google releases new security and privacy controls for Chrome users

May 29, 2020
Rachel Denney Rachel Denney

Google's new third-party cookie update to roll out with Chrome 80

February 12, 2020
Dylan Lepak Dylan Lepak

How to secure your website: 5 tips for every business website

February 11, 2020
Daniel Escardo Daniel Escardo

Why do regular backups of your website matter?

December 23, 2019
Daniel Escardo Daniel Escardo

IAB releases CCPA compliance framework ahead of Jan. 1 rollout

December 11, 2019
Dylan Lepak Dylan Lepak

Data security: Should you trust an agency with the 'keys' to your website?

November 28, 2019
Alex Serrano Alex Serrano

Microsoft extends CCPA privacy protections beyond California

November 15, 2019
Kate Williams Kate Williams

What should you do when your website gets hacked?

October 22, 2019
Daniel Escardo Daniel Escardo

Is Apple's iOS 13 hindering location-based marketing?

October 10, 2019
John Becker John Becker

Leading American Business Executives Urge Congress to Pass Federal Data Privacy Law

September 13, 2019
Katie Coelho Katie Coelho

The Fall of Nacho Analytics: Important Lessons for Site Owners

August 19, 2019
Iris Hearn Iris Hearn

The Future of Internet Passwords & What "WebAuthn" Means For Businesses

March 6, 2019
Tom DiScipio Tom DiScipio

Google’s $57 Million Fine Reminds Businesses and Marketers GDPR in Full Effect

January 24, 2019
Ashleigh Respicio Ashleigh Respicio