As a growth hacker I do cold emailing. A lot! If you thought that growth hackers don’t do them — you are totally wrong! Sometimes it one of the best lead source for a startup that don’t have a lot of money to spend for huge marketing campaigns. A lot of even big companies rely on this lead source. However, some people (most of them) consider cold emailing as a spam. And yeah, sometimes it is spam if you do it wrong. Some people think that GDPR does not allow cold emailing. And, no, they are wrong. You can do cold emailing for your business if you do it right. I read GDPR original text several times with all reticles, read several official bodies (like British ICO) additional guidelines and spent several several dozens of hours with different legal consultants and now I’m ready to share definitive guide with dos and don’ts for GDPR compliant cold emailing. Just small clarification and disclaimer: - I will talk only about cold emailing. . I will cover other types of communication under GDPR next time. - . Direct marketing is cold emails. - All things that will be listed below are true only for the date of publishing and everything can be changed by the date you read it or in some specific countries. Only emails and only cold Cold emails is direct marketing not only Below you may find all my findings regarding : GDPR compliant cold emailing You cannot write cold emails to individuals (B2C) without their implicit consent. . Never Should always be able to answer to the three “simple” questions: - Is there really a legitimate interest/purpose to process data? - Is data processing really necessary and can directly contribute to meeting that purpose? - Is data processing conducted with respect to the rights and freedoms of data subjects? Yeah these are simple questions with hard answers. I will cover these questions below. You should — both your full name and the company you represent. always introduce yourself You should use . To put it simply, emails you use for cold emailing should be available somewhere on the web. That was the main reason why I droped my favorite snov.io and moved to hunter.io — Hunter let me use only those emails that are available publicly. Note: Hunter by default provides awful emails in terms of deliverability, so don’t forget to verify all of them. It is not necessary to show the source of each email in your template, but you should always have an ability to provide the source to any of your prospect on request. only email addresses that are available in public lists You should always provide your prospects clear and and stop receiving your emails. easy-to-use way to opt-out You in your signature. Why? — to show your prospects all this shit I’ve mentioned above: that their contact details were found publicly, that they can opt-out, that they have a right to object, why you reach them and what is the basis, etc. In this article you may found several . should have a Legal Notice great examples of legal notices for your cold emails If someone decided to opt-out (clicked your unsubscribe link or replied you that they want to opt-out) — write them again. Even such innocuous things like “yeah, sure, I won’t reach out to you again”. Yeah, that’s a bit strange, but they decided that they don’t want to receive ANY email from you. So, stop right away. never reply them That’s all Dos and Don’ts if you are doing cold emailing while you want to keep your GDPR compliance safe. Of course, all other “cold emailing best practices” you may find over the web apply as well. : Sources https://eur-lex.europa.eu/eli/reg/2016/679/oj https://eur-lex.europa.eu/legal-content/EN/ALL/?uri=CELEX:32002L0058 https://ico.org.uk/media/1555/direct-marketing-guidance.pdf https://ico.org.uk/media/about-the-ico/disclosure-log/2014536/irq0680151-disclosure.pdf
