No – it is important to note that the soft opt-in does not apply in all EU countries. For example, in Germany there are local laws that predate the GDPR and ePrivacy Directive, that in effect require double opt-in consent to send direct marketing. Therefore, it is very important to understand the context in which personal data is being collected for direct marketing purposes to ensure compliant collection and use. Dataships take care of all this for you, so you don’t have to
How can we prove that we’ve collected contact information compliantly?
Every time a customer interacts with a Dataships consent collection mechanism Dataships creates a compliance log of the interaction to keep a record of what information the customer was presented with, what choice they made and the justification for their eventual status of marketable or non-marketable. These compliance logs contain all the necessary information including:
- Customer name and email address
- Time and date stamp
- The consent mechanism presented to the customer (opt-in, opt-out etc)
- The customer’s choice or interaction with the consent mechanism
- The privacy policy presented at the time
- The marketing information text presented at the time
- The marketable status assigned to them and the justification for this.
The compliance logs are updated anytime an existing verified contact’s status changes, for e.g. if they unsubscribe or if they buy something from your store again and are presented with a consent collection mechanism again. These audit ready logs are available in the Dataships Control Panel should you ever need to respond to a query from a customer or data protection authority.