If you have an online business or an email list that you communicate with, you’ve probably heard the rumblings around the internet about the EU’s new General Data Protection Regulation (let’s just call it GDPR, shall we?). This new regulation goes into effect May 25, 2018 and in an effort to understand what it is, what it means to online marketers, and what we need to take action on, I’ve invited Bobby Klinck, an intellectual property attorney, to help us navigate all things GDPR. Bobby is not only an attorney, but he is an entrepreneur himself, so he really has his finger on the pulse of what online entrepreneurs need to do to protect themselves. Let’s dive in and figure this all out!6 principles of the GDPR #1: Data shall be processed “lawfully, fairly, and in a transparent manner.” #2: Data shall be “collected for specified, explicit and legitimate purposes.” #3: Data processing shall be “limited to what is necessary” for the purpose. #4: Data shall be accurate, kept up to date, and corrected. #5: Data shall be kept so it identifies a person “no longer than is necessary.” #6: Data shall be “processed in a manner that ensures appropriate security.” Let’s break down all 4 options: Opt-in Page: You can add a voluntary checkbox/dropdown menu on your opt-in page. This would clearly be consent if you do it right. It must be voluntary and it cannot be the default. You can’t force them to agree and you can’t have the agreement as the default. If you are going to do this, try to use a drop-down menu vs a checkbox. That way they have to choose “Yes or No” - so they have to make a choice and you are not forcing the “Yes.” With a checkbox for “Yes”, they can easily miss it and skip it all together (since it can’t be forced!). Sandwich Page: Include a one-click upsell page between opt-in and thank you page that asks them to subscribe. “Hey! One more thing before we finish.” - It’s essentially a sales page for your newsletter. This gives you the chance to sell the benefits of being on your list. They are presented with this option all on its own, so it’s compliant. Delivery Email: You deliver the email as usual that gives them the lead magnet as promised. Include language in the email to sell them on joining your list and include a call to action (example below). Depending on how your system works, either send them to a separate opt-in or use click to segment the list. In the Lead Magnet: Add a paragraph at the end of your lead magnets selling them on your list with a clickable link. This is sufficient consent and it gives them a reminder if they look back at your lead magnet later. What’s Next? Check out Bobby’s Free GDPR Training: I’m breaking my rules a bit here because you all know I’ve had a policy for the last year or so of not sending podcast traffic to someone else’s sign up page - I’ve talked about that strategy on my show before. HOWEVER, this information is important and I want you to protect yourself. So I’m making an exception. I want to encourage you to check out Bobby’s FREE mini-training all about the GDPR. The goal of his mini training is not only to make sure that you, as an online entrepreneur, understand the legal requirements but also to give you the tools and practical advice you need to thrive in a GDPR world. THANK YOU, Bobby, for your time and generosity in helping us understand GDPR. I truly feel I now have what it takes to move forward and implement to get compliant before the deadline! -- Amy