As regulations about data and privacy continue to roll out, it’s important to keep an eye on how you contact customers to ensure their protection and comply with the law. This article will walk through some best practices for complying with data protection regulations in your marketing.
The information provided here is intended to be educational and should not be construed as legal advice. Klaviyo encourages all of our customers — and all ecommerce merchants — to seek legal advice for counsel on how they specifically should ensure that they are compliant with data protection regulations.
- Information about your business’s location and where someone could get in contact with you
- Information about the data you collect, use, and share (e.g., the purpose of collection, how data is used, who data will be shared with, how long you will retain their data, etc.)
- Information about their rights in regard to their data
In order to remain compliant, you’ll want to collect marketing consent from your subscribers. When collecting consent, it’s important to note what a customer can expect by subscribing to your marketing and what you will do with the data you collect. Klaviyo makes it easy to add fields to your signup forms that make them suitable to comply with data protection regulations.
When creating a form, select the Enable Data Protect Fields box and Klaviyo will add messaging to help keep you in compliance.
You’ll want to consult with your legal counsel to ensure that the content is suitable for your specific regulations and needs.
If you use Klaviyo forms and have subscribers who are in more regulated locations, like the EU or California, you may wish to include this consent language on all of your forms. If you have separate sites for customers coming from different locations, you can have two different signup forms. One with more specific information designed to comply with data protection regulations, and one without the additional information for shoppers from other locations.
Regardless, it’s better to be over-protected than under-protected when it comes to collecting consent. For more information around targeting customers in the EU, head to Collect GDPR Compliant Consent.
Update and Target Your Content
While it may not explicitly be required by regulatory bodies in all circumstances, it’s better to personalize the customer experience both on-site and within your marketing. If you target your communication, shoppers browsing your site will be more likely to subscribe to your marketing and stay engaged with your brand.
Using Signup Forms
An easy way to encourage first-time shoppers to subscribe to your newsletter list is to show a discount to people who haven’t already engaged with your brand. To do that, create two signup forms that pull customers into your newsletter list. From there, customize the behavior on the form with the promotion to ensure it’s only showing to people who are not within your Klaviyo account.
For the form targeting existing Klaviyo profiles, first, create a segment of subscribers who are within your Klaviyo account, but are not within your newsletter list.
Next, adjust the behavior of the form to only display to the segment you just created.
Targeting signup forms to a particular audience is an easy way to personalize the on-site content for your subscribers. Follow our article on Creating Customer Engagement Tiers to get inspiration on different segments you can use to personalize content.
Flows are another area where you want to be conscious of data protection regulations. When creating flows, especially ones in a regulatory gray area like abandoned cart or browse abandonment, you can choose to either:
- Exclude customers in regulated areas
- Give customers different messaging that contains less marketing lingo and personalize the email to the items where they have a legitimate interest.
If you want to exclude customers that live in areas with data protection regulations, like those within the EU, select the trigger at the top of your flow. Add in a flow filter with the condition for someone not within the EU.
This will prevent EU customers from entering this flow.
If instead, you want customers to see different messaging, add in a conditional split with the condition that someone is not within the EU.
Make sure to contact your legal team to ensure that the content within your emails is compliant with the regulations in that particular area. Even if your business is not based in an area with data protection restrictions, you may still be required to abide by the rules if you're contacting a customer who is in a location with specific requirements.
As you build your campaigns, all of your emails must contain links to your unsubscribe page and your business’s contact information.
If you’re using a Klaviyo template, we’ll include those links for you. If you are unsure if you’ve included an unsubscribe message, on the campaign review page, there will be a notification indicating whether or not you have an unsubscribe link.
In all of your messages, and especially in campaign sends, personalize the content to your audience. Batch and blast emails are never a good idea. Think about your customers and why they come back to your brand; then, customize your emails from there.
An easy way to do this is through Klaviyo’s show/hide block feature. Head to our article on Show or Hide Template Blocks Based on Dynamic Variables to ensure that your customers see copy and creative work that’s compelling to them.
Clean Your Lists
It’s important to not email customers who have not opted-in to your marketing as well as those who do not regularly engage with your brand to maintain good deliverability in the eyes of inbox providers. The process of identifying customers who aren’t engaged and excluding them from your messaging is called list cleaning. For more information, check out our article on list cleaning.
- Frequently Asked Questions About GDPR
- How to Handle GDPR and CCPA Requests
- Collect GDPR Compliant Consent
- Frequently Asked Questions About the CCPA