With the General Data Protection Regulation (GDPR) now well established, it’s not just about getting people double opted-in. One of the most of the important parts of the new GDPR is that you must have a PROVABLE record that people have opted-in to your communications. If you fail to comply with the GDPR or fail to produce provable accounts, you could be facing a fine of up to €20 million or 4% of your global annual turnover – whichever is highest.

So we’re going to talk you through how to create a provable record.

Use a reCAPTCHA

In your opt-in process, using a reCAPTCHA is a good idea. Get each prospect to fill out the form and have this information fed back into your marketing automation platform. This will allow you to record and store the opt-in data you need to. By doing this, you can have items such as the date, IP address and compliance statement of the data subject in your records until a time where it is no longer needed.

Keep those who opt-out on file

If people want to opt-out of your communications, you should also keep this information on file, making sure that you do not contact them again. For example, making an ‘Unsubscribe’ file and storing the data there, making every supplier in the chain aware that this person no longer wishes to be contacted.

Make sure you’re aware of all aspects of the GDPR

There are also other things to be aware of: The right to be forgotten, Subject Access Right and the right to data portability, where individuals may request access to their data or request that it is deleted. These are all explained in the glossary of our GDPR compliance checklist. This data will need to be handled appropriately in order to ensure your records are up to date and still complying with what the consumer wants to do with their data.

For more information on how the opt-in process works, the controls you will need to put in place and the transparency/records you can expect, check out our GDPR compliance checklist.

You can also read the final legal text (which we advise) here.