Privacy & Compliance

Topic: Subscription Management and GDPR issues 

1.  Subscription Management and GDPR issues

Posted 11 days ago

Key areas where Subscription Management is currently weak include the ability to customise, and GDPR compliance.

We have not turned on the feature because we do not believe it can deliver GDPR-compliant results. For example, individuals subscribing to receive future marketing communications should go through a double opt-in consent process, but Subscription Management cannot trigger or manage this. Nor does it record the necessary criteria required for GDPR (that is, 1. how the person opted in, 2. the text of the consent statement to which they are agreeing, 3. segment the type of content they are interested in against the topics they are interested in, ensuring they are sent only relevant communications).

In order to create something approaching an attractive/customised preference management page, I have been designing an Act-On landing page and (very complicated!) form, where the individual has the option to set what communication type(s) they wish to receive, what content type(s), and their preferred topic(s). Submitting this form takes them through a double opt-in process, ensuring we have a record of their permission to contact them for marketing purposes. It also uses hidden fields to record against their submission how the individual opted in, and the text of the consent statement to which they agreed. This is all then recorded in a form submission list, which will serve as our 'master' consent list. So far I have something that looks like this:

Image: Preference Management Page 

This is still flawed, as the form is not relational – that is, a person might e.g. set the type of communications they wish to receive without setting their topics. This is something we are likely to have to live with as it's the best that can be done at the moment, and we need to get some sort of process in place (what with GDPR taking effect in a matter of weeks).

I appreciate Act-On is not a CRM or preference management tool, and I am trying to make a square peg fit a round hole, but it would not take a great deal of development of Subscription Management to make it attractive and GDPR-compliant – something that Act-On customers currently have to look to other providers for.

Sion Stedman
Idox Software Ltd