CRM and GDPR: registrations, unsubscribes, minimization

Targetting consent

The Corymbus CRM helps you to be compliant with the GDPR (General Data Protection Regulation, or GDPR in English).

CRM and GDPR: email campaign registrations (Opt-in)

If your marketing/email campaigns are part of a B2B activity (business to business, i.e. you deal with companies rather than individuals), you can send them to your contacts without their consent. However, you must offer an unsubscribe link in the body of the email, see below.

On the other hand, if your activity is B2C (business to consumer: you are addressing individuals), you must have obtained the prior consent (opt-in in English) of a person. You have to keep a written record of it before sending him campaigns. To record this consent in the Corymbus CRM, we recommend that you create a custom field of type Date, on the contacts, which you can use in the following way. If it is empty (default), it means that you do not have the contact’s consent. Otherwise (consent obtained), this field indicates the date of obtaining the contact’s consent . The screenshot below shows how to set this field.

Creating a custom "registration date" field in the CRM for GDPR compliance

Updating this information is your responsibility for each contact. You can do this either manually or automatically, for example via Zapier integration. It allows you to connect Corymbus to your website, or via corymbus’ REST API.

Filters can then help you create groups that contain only contacts with a set consent date. So you can guarantee that your email marketing campaigns won’t target anyone else. The following illustration shows, for example, how to define a filter to target contacts who have expressed their consent, and who are already customers (using another custom field “Is Customer”).

Using a CRM filter to search for registered contacts and stay GDPR compliant

Opt-out

You must include at least one unsubscribe link in your marketing campaigns. It is recommended to place it at the top of the email, so that the recipient sees it immediately. Thus, if he no longer wants to receive your communications, he will be more likely to use this link rather than click on the “spam” button. This could have disastrous consequences for the proper functioning of your future campaigns. Indeed the deliverability of your emails depends on it.

Many advertisers prefer to place the unsubscribe link at the bottom of the email, so as not to lose the valuable display space at the top of the email. Another approach is to place the unsubscribe link at the top AND bottom of the email.

Anyway, you can insert this link wherever you want using the macro {%=unsubscribeLink%}. She will find it by right clicking when you edit the body of the email.

When a contact clicks on the unsubscribe link, the Corymbus CRM processes this information by marking the person as unsubscribed. Corymbus will then exclude her from future campaigns, even if she is in the target group(s). The information is also visible in the Contact or campaign reactions section (as well as the opening and click traces). This keeps the date and time of the unsubscribe. You can also identify the campaign that caused the unsubscribe.

Restoration

However, it may happen that a contact involuntarily unsubscribes, and expresses the wish to continue receiving your communications. In this case (and in this case only), you can re-register the person by going to their card, and clicking on the re-register button. The CRM will then cancel the unsubscribe, and create a re-enrollment activity related to the contact. Thanks to it you keep a written record of the re-registration. We recommend that you document the reason for the re-registration, for example in the “Description” field of this activity. You can also store the written request received from the contact:

Automatic registration of a contact's re-registration for GDPR audits

Multiple subscriptions: simplified CRM GDPR management

Since December 2020, Corymbus allows you to create multiple subscriptions, in addition to the default subscription. Your contacts can therefore choose to unsubscribe from one type of communication, while remaining registered with others. You can also give them access to a preferences page so they can manage their subscriptions.

We will describe this new feature in a future article. Do not hesitate to contact us in the meantime if you want to use it!

Minimization principle

The minimization principle of the GDPR specifies that you must limit the storage of personal information to that which is really necessary for the exercise of your activity. It may not be useful, for example, to keep the date of birth or age of a contact. Corymbus CRM helps you with your GDPR compliance by reminding you of it in important places:

  • below the Notes field of contacts, companies, opportunities, activities.
  • in the create a custom field screen.

 

Autres articles