Growth hacker :)

Best Practices for Cold Emailing Under GDPR

As a growth hacker I do cold emailing. A lot! 
If you thought that growth hackers don’t do them — you are totally wrong! Sometimes it one of the best lead source for a startup that don’t have a lot of money to spend for huge marketing campaigns. A lot of even big companies rely on this lead source. 
However, some people (most of them) consider cold emailing as a spam. And yeah, sometimes it is spam if you do it wrong. Some people think that GDPR does not allow cold emailing. And, no, they are wrong. 
You can do cold emailing for your business if you do it right. 
I read GDPR original text several times with all reticles, read several official bodies (like British ICO) additional guidelines and spent several several dozens of hours with different legal consultants and now I’m ready to share definitive guide with dos and don’ts for GDPR compliant cold emailing.
Just small clarification and disclaimer: 
- I will talk only about cold emailing. Only emails and only cold. I will cover other types of communication under GDPR next time.
Cold emails is direct marketing. Direct marketing is not only cold emails.
- All things that will be listed below are true only for the date of publishing and everything can be changed by the date you read it or in some specific countries. 
Below you may find all my findings regarding GDPR compliant cold emailing
  1. You cannot write cold emails to individuals (B2C) without their implicit consent. Never
  2. Should always be able to answer to the three “simple” questions: 
    - Is there really a legitimate interest/purpose to process data?
    - Is data processing really necessary and can directly contribute to meeting that purpose?
    - Is data processing conducted with respect to the rights and freedoms of data subjects?
    Yeah these are simple questions with hard answers. I will cover these questions below. 
  3. You should always introduce yourself — both your full name and the company you represent. 
  4. You should use only email addresses that are available in public lists
    To put it simply, emails you use for cold emailing should be available somewhere on the web.
    That was the main reason why I droped my favorite and moved to — Hunter let me use only those emails that are available publicly. 
    Note: Hunter by default provides awful emails in terms of deliverability, so don’t forget to verify all of them. 
    It is not necessary to show the source of each email in your template, but you should always have an ability to provide the source to any of your prospect on request. 
  5. You should always provide your prospects clear and easy-to-use way to opt-out and stop receiving your emails.
  6. You should have a Legal Notice in your signature. 
    Why? — to show your prospects all this shit I’ve mentioned above: that their contact details were found publicly, that they can opt-out, that they have a right to object, why you reach them and what is the basis, etc.
    In this article you may found several great examples of legal notices for your cold emails
  7. If someone decided to opt-out (clicked your unsubscribe link or replied you that they want to opt-out) — never reply them write them again. 
    Even such innocuous things like “yeah, sure, I won’t reach out to you again”. 
    Yeah, that’s a bit strange, but they decided that they don’t want to receive ANY email from you. So, stop right away. 
That’s all Dos and Don’ts if you are doing cold emailing while you want to keep your GDPR compliance safe. Of course, all other “cold emailing best practices” you may find over the web apply as well.


Topics of interest