Google Partner

Breakfast event uncovers GDPR ‘hive of opportunities’ for digital

Posted by Mel in Industry News | December 2017

Last week saw team Bespoke host the latest ‘Wake up to Digital’ event, aimed at preparing local businesses for the upcoming General Data Protection Regulation (GDPR).

Our ‘Wake up to Digital’ seminars are a programme of events in which we cover topics and issues that are bothering businesses the most, and invite guest speakers to our round table discussions.

Our attendees included a range of in-house Marketing Managers, Managing Directors and General Managers, who engaged in the debate and raised a lot of interesting questions.

 Round table GDPR discussion at Bespoke

These questions highlighted common themes, that GDPR messages in circulation are failing to answer. We thought that we'd share our answers to tackle these, as part of our efforts to bust many of the myths surrounding the GDPR, and highlight the marketing opportunities it brings for companies.


Q. We provide incentives to encourage people to sign up to our mailing list. Is it OK to continue this?

Put simply, no. Under the GDPR, consent to use personal data must be ‘unbundled’ from other terms and conditions. It’s recommended that consent is asked for separately from any other question or incentive.

Q. We build our mailing list by running a business card exchange for prize draws. People understand that this happens, so it’s OK… right?

No, the same rule applies here. If you are collecting people's personal information with a view to marketing to them (and is classed as personal information) then you need to get their explicit consent to do this. Entering a competition or prize draw does not automatically provide you with consent to send them marketing material.

Q. The customer data for our product catalogue goes back 6 years. Is that OK?

This depends on your business and your product lifecycle. If your customers are likely to re-purchase from you every 5-6 years then this is likely to be OK.

Q. Do I have to use a ‘double opt-in’ method to allow me to send out marketing emails?

Double opt-in is not legally required under the GDPR. However, it is a very good way to ensure that you are meeting the requirements of the GDPR. It adds a layer of security, ensuring that you are definitely getting the consent of the customer.

Double opt-in: This involves the customer receiving an email once they have given consent on the website to use their details. Only when the customer has confirmed the email will they be added to a mailing list.

Q. We send abandoned cart emails to our customers. Are we OK to continue with this under the GDPR?

If you are genuinely sending the email to help them complete the transaction then that may be OK. However, if you continue to contact the customer following that, you should gain consent to do so first.

Q. Am I OK to send emails to people who have recently purchased one of our products?

It is unclear whether the current ‘soft opt-in’ rules will apply after the GDPR in May 2018.  It is expected that the ICO will clarify this in December 2017.

Soft opt-in: The soft opt-in rule allows you to send information about similar products or services to existing customers.

Look out for more updates and insights into the GDPR here as we get closer to the deadline of 25th May 2018. In the meantime, if you're still unclear of what the GDPR entails, or the benefits it brings, check out our previous blog here:

GDPR: The Benefits to Businesses


Now is the time to prepare for the GDPR. Don’t know where to start? We’ve put together a handy checklist below to help, but GDPR solutions will require a much more complex and strategic process.

GDPR Checklist

  • Have you started to think about the General Data Protection Regulations (GDPR) and how this impacts your business?
  • Have you audited your current customer data for compliance with GDPR?
  • Do you use bought-in lists of individuals’ data?
  • Have you updated your privacy policy?
  • Do you have a process for people that want to opt-out of receiving marketing information?
  • Have you reviewed your email sign-up process?
  • Do you have a policy in place for dealing with data breaches?
  • Have you identified whether you need a Data Protection Officer?
  • Have you thought about how you will deal with information access requests?


To have one of our digital experts audit your website’s data capture compliance, or assess the opportunities for your email marketing campaigns, call 01772 591100 or email

Post by
Related Services
Finalist, Digital Agency Award - Red Rose Awards 2018
Boost Lancashire's Business Growth Hub
Proud to Sponsor Lancashire Business View Red Rose Awards
Digital Lancashire Founding Member
Digital Entrepreneur Awards Finalist
The Bibas Finalist
RAR Awards Finalist
A Member of the North & Western Lancashire Chamber of Commerce
Learn more
Digital Accelerator Programme - Next Intake July 2019
Close Menu