Created by Randy Ingermanson - "the Snowflake Guy"
America's Mad Professor of Fiction Writing

GDPR for Authors, Part 4

by 2 Comments

in Websites Tagged: , ,

Over the last week and a half, Iโ€™ve been blogging about the new GDPR rules that will go into force on May 25. I covered what I consider the first three stepsโ€”creating your Privacy Policy, updating your Contact forms, and updating your Blog Comments form.ย 

Today, Iโ€™ll talk about a step that most authors care about deeplyโ€”their e-mail list.

Once again, the standard disclaimer: I am not a lawyer, and nothing I say here should be considered legal advice. Iโ€™m blogging about my own journey to get my websites GDPR-compliant. If that helps you on your own journey, very good, but you should consult a lawyer versed in GDPR if you want legal advice.ย 

Why E-mail Lists Matter

Iโ€™ve talked many times in my Advanced Fiction Writing E-zine and a few times here on this blog about the importance of managing an e-mail list. The reason is simpleโ€”nothing converts like e-mail.ย 

I wonโ€™t try to prove that here. Most authors know itโ€™s true, and in the last few years, weโ€™ve all seen numerous authors build large e-mail lists.ย (My latest book is currently a best-seller in a couple of categories, largely because of the strength of my e-mail list.)

But now itโ€™s important to make sure that your e-mail list-building is done in a GDPR-compliant way.

The exact process for doing this will depend on who manages your e-mail list. I canโ€™t possibly cover all the e-mail service providers, so Iโ€™ll focus on the one I use and that many authors useโ€”MailChimp.

MailChimp is free if you have fewer than 2000 subscribers, so thatโ€™s a nice reason to start out with them. Iโ€™ve been a MailChimp user for several years now. This blog feeds to a MailChimp e-mail list that sends out an e-mail containing every new blog post. Thatโ€™s how most of my Loyal Blog Readers receive this blog.

How To Update Your MailChimp List

As I noted in my last blog post, MailChimp has a very nice article on their site with detailed instructions on how to update each of your MailChimp lists to be GDPR-compliant.ย (If you’re not using MailChimp, your own e-mail service provider probably has a similar article on their website.)

Thereโ€™s no point in me trying to write MailChimp’s article all over again. They put a huge amount of work into it, and itโ€™s very good.

But let me point out one issue that might make their article confusing to some: They essentially explain the process twice. The first time, they explain it in words. Then they have a couple of long sections that explain what some of the words mean that they just used. Then they explain it all again with more details and some pictures.ย 

The overall process has four steps, and Iโ€™ll use exactly their headings so you can look for them in their article. These are the key tasks you need to do:

  1. Enable GDPR Fields
  2. Edit GDPR Fields
  3. Segment Your List by Marketing Permissions
  4. Collect Consent

What Do Those Four Tasks Do and Why Are You Doing Them?

Itโ€™s worth taking a moment to say in simple language why you do each of those four tasks (at least as I understand things):

  1. The reason you Enable GDPR Fields is so that your mailing list now contains more information about each user. It has always contained at least an e-mail address, and probably also a name and other info. But now there will be information on exactly what โ€œmarketing permissionsโ€ each user granted you. There are a number of different โ€œmarketing permissionsโ€ but the essential one for you is โ€œEmail.โ€ Your users now will explicitly grant you the โ€œmarketing permissionโ€ to send you e-mail. Or they can take away that โ€œmarketing permissionโ€ at any time.ย 
  2. The reason you Edit GDPR Fields is because you need to decide exactly what your signup form will say. It will have some legal language. MailChimp provides you with suggested legal language. You can tweak it if you want. Or you can just use what MailChimp provides you.
  3. The reason you Segment Your List by Marketing Permissions is to make sure that after May 25, you only send e-mail to people who gave you a โ€œmarketing permissionโ€ to send Email. And what is a โ€œsegment?โ€ Itโ€™s just a subset of your subscribers. MailChimp lets you choose a “segment” in many ways. One of those ways is to choose the set of all subscribers who granted you a particular โ€œmarketing permission.โ€ย Then when you send e-mail after May 25, you send it only to that “segment.”
  4. The reason you Collect Consent is because youโ€™ve just changed your e-mail list to contain more information about the โ€œmarketing permissionsโ€ that your list members have given you. But as yet, none of them have specifically opted in to the precise GDPR language (using the words โ€œmarketing permissionsโ€ and all the legal lingo) that you just set up in your signup forms. So before May 25, you need to send out an e-mail to your current subscribers asking them to confirm their โ€œmarketing permissionsโ€ using this new language. Very likely, the reason they joined your list in the first place was because they wanted e-mail from you. But you may or may not have proof of exactly what they agreed to when they signed up long ago. Now if they update their settings on your new signup form, MailChimp will have proof of exactly what โ€œmarketing permissionsโ€ each subscriber agreed to and when they agreed to it.

MailChimp recommends that after May 25, you should not send e-mail to anyone who didnโ€™t check the Email checkbox in your โ€œmarketing permissions.โ€ย 

What I Did

I worked through the above four steps for each of my main listsโ€”my fiction reader list, my Advanced Fiction Writing E-zine, and the list for this Advanced Fiction Writing Blog.ย 

The first time, I had to read the MailChimp article very carefully to make sure I understood everything. And I took the time to figure out why they wanted me to do each step.

The second and third times, it was quicker and easier.

Yesterday, I sent out e-mails to each of my three lists, asking my subscribers to update their subscription settings. Many subscribers have already done so, but of course a lot havenโ€™t. So my lists will be smaller. Iโ€™m not thrilled with that, but itโ€™s not going to kill me.

MailChimp suggests later sending out a followup e-mail to remind people to update their settings.

If youโ€™re receiving this blog post via e-mail, please consider this your reminder, if you havenโ€™t updated your subscription settings yet. At the very bottom of this email on the right side, thereโ€™s a link that says โ€œupdate subscription preferencesโ€. If you click that link, itโ€™ll take you to a form you can fill out. To continue receiving this blog via e-mail after May 25, youโ€™ll need to click the โ€œEmailโ€ checkbox on that form and then click the button at the bottom that says โ€œUpdate Profile.โ€

And Thatโ€™s the Core of GDPR

There are more things to do for GDPR-compliance if you have a more complicated website. But I think Iโ€™ve covered most of the basics that apply to most authors. So this may be my last blog post on GDPRโ€”Iโ€™m still thinking about if thereโ€™s anything left to say.

One final note: I discussed Contact forms last week, but now I have an update. If you have a Contact form on a WordPress blog and youโ€™re using Gravity Forms (a popular plugin to create Contact forms), you should be aware that everytime somebody sends you an e-mail from your site, a copy of their message is stored in your WordPress database. That copy will contain the senderโ€™s name and e-mail address, which is personal information. You probably donโ€™t need that in your database, as long as those e-mails are actually being delivered to you. If you decide you donโ€™t want all that personal information in your WordPress database, itโ€™s possible to delete it by going to the Entries page for Gravity Forms in WordPress and trashing all the entries. (This is a little tedious.)

The problem is that as soon as somebody uses your Contact form again, another entry will go into your WordPress database, and you canโ€™t prevent it. (Gravity Forms doesnโ€™t give you the option of not saving those entries.)

However, thereโ€™s a nice plugin that will delete new Contact form entries from your WordPress database automatically, almost as soon as they get added. The plugin is called Wider Gravity Forms Stop Entries. Itโ€™s free and you can find it on this page on the official WordPress plugin site.ย I installed it today on my site and it seems to work well.

Comments

  2. Russ Dillard says

    Thanks – a great article series. My head is going to explode, I just know it. I have a finished book that people love and want to buy. I looked at Fulfillment By Amazon (FBA) – there’s the issue of State Sales Tax I would have to collect in states in which Amazon may warehouse copies of my books. Now we also have this Online Tax thing, where we again have to collect sales tax for multiple states. This stuff is killing us little guys. So – now I’m learning of this GDPR issue – another big negative. So… in trying to market the book to websites where the hockey fans are in vast numbers – CRICKET sounds. No reponses at all. The site owners are like the statues on Easter Island. This leaves the traditional publishing nightmare – but I have a finished book and do not care to bow and scrape before some agent or buyers’ giant ego. I also am not a “name” author, so it doesn’t matter one bit that people WANT to buy the book. I guess that is “crazy talk”. I am just baffled at this point.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Privacy Policy Cookie Policy
Terms and Conditions
>