Privacy & Compliance

1.  GDPR enhancement – double opt-in form

Posted 01-06-2018 08:00
Edited by Sion Stedman 01-17-2018 11:23

Act-On might already be advising users of this – organisations handling EU-based data should implement a double opt-in process for every sign-up form. GDPR means that in the EU, a double opt-in process will be a standard requirement (that is, collecting evidence of a person's consent that a) the submitted email address belongs to them, and b) that you can contact them using that address for whatever it is they have signed up to).

New Act-On users in particular should be advised to implement a double opt-in process from the outset. Unfortunately my company missed this opportunity, as a double opt-in process was previously only 'good practice', rather than the requirement it will become under GDPR. This means that we need to retrospectively apply a double opt-in process to all existing sign-up forms that we've managed to create in our two years as Act-On users. And we have ten child accounts in which to do this…

But anyway, one way to achieve a double opt-in process is as follows:

  1. Create Form A – the form that people will actually submit.
  2. Create a form with hidden fields and a Submit button – this will be Form B. The confirmation email added to Form B, if one is required, is the email that people should be sent after completing the double opt-in (that is, confirmation that they have completed whatever they signed up to in Form A) – this is Email B. Form B should also be set to take people to a landing page that they see after confirming their opt-in. This is Landing Page B.
  3. Create a blank landing page and embed on it nothing but Form B – this is Landing Page A. (People submitting Form A will never see Landing Page A – it is purely functional.)
  4. In the Landing Page A JavaScript, enter the magic piece of JavaScript (it is the same piece of code for any double opt-in process – see Act-On University for details).
  5. Go back to Form A and add a confirmation email – this email is the double opt-in confirmation email, Email A. Email A needs to feature a button that links to the page URL of Landing Page A. Form A should then be set to display a message advising people that they will receive the opt-in confirmation email.
  6. Add Form A to whichever landing page or web page it is required.

So the flow for the person will be:

  1. Complete Form A. Form A tells them to check their inbox.
  2. They receive Email A. They click on the button in this email, confirming their double opt-in.
  3. They are taken to confirmation Landing Page B (and, if a confirmation email has been set, they also receive Email B).
Phew!

Phew indeed. The current process works, and gives GDPR-compliant results. But it is not user-friendly for the average marketing colleague, and unfortunately represents a point where Act-On crosses over into requiring an understanding of coding and process management.

Ideally, a new type of form would be developed – the 'double opt-in form'. This could be a wizard or at the very least something that handles a double opt-in process all in a single form, simply selecting the assets named above (Email A, Landing Page B and if required Email B, without the need for Form B and Landing Page A).

In the Privacy & Compliance Act-On Community discussion, David Fowler has been keeping users up to date on developments in making the Act-On software itself GDPR-compliant. However, are there plans to enhance Act-On's tools as above to enable users to easily implement GDPR-compliant processes?

------------------------------
Sion Stedman
Idox Software Ltd
------------------------------


2.  RE: GDPR enhancement – double opt-in form

Posted 01-12-2018 16:35
Hi Sion,

I would be happy to address your concerns regarding complexity of setting up double opt-ins. Believe it or not, double opt-ins have been around for quite some time and you may not even notice it due to the simplicity of the setup and execution (think of any user registrations).

Here are the steps on how to setup the most popular method of double opt-ins only requiring 2 forms and 1 message:

  1. Create your opt-in form (Form A).
  2. Create your 2nd opt-in form (Form B - this does not need a landing page!)
  3. Create a Form Post URL (Content > Form Post URLs) for Form B.
  4. Create a confirmation message in Form A with a hyperlink using Form Post URL and a query string using your Form B data field name and a personalization field with Form A's email address.
From a end-user's perspective, they will see the following:

  1. Visits Form A.
  2. Submits Form A.
  3. Receive confirmation email.
  4. Clicks confirmation link which automatically posts a submit to Form B.
  5. The prospect is automatically direct to your Form B confirmation page and has been double opted-in!
There are many advantages to this setup as you can really use the Form Post URL for Form B as many times as you want for as many other forms as you want. Please let me know if you have any questions regarding using this method.

Best Regards,

------------------------------
Sean Chu
Sr Solutions Engineer, Act-On Software
------------------------------



3.  RE: GDPR enhancement – double opt-in form

Posted 01-16-2018 17:21
Edited by Sion Stedman 5 days ago
Hi Sean

Thanks for taking the time to reply to this. Nevertheless, I must respectfully disagree when you describe setting up this process as 'simple'. Nothing would be simpler than having a single form that handles the entire double opt-in process.

Currently, whether we do things with my method or your method, two forms are required. Also, in a great many cases, it's no advantage to be able to point multiple Form As to the same Form B, as people need to be sent to different landing pages/sent different confirmation emails depending on what it was they were signing up to in Form A. I was also advised to use my method by Act-On Support, as I understand this is what works best with Labs Forms, and ultimately Labs Forms are the future with Act-On.

I still believe it would be worth Act-On developing a 'double opt-in form'. I'm a little surprised Act-On is not coming forward with this of their own accord, when it was known what GDPR would require of organisations handing EU data. To have such a feature would help make the product attractive and user-friendly for all Act-On customers, but particularly new customers. It would be a USP to talk about in your marketing when it comes to 'Act-On's fuss-free double opt-in process, helping you be GDPR compliant with ease'. (That said, I'm not sure any marketer in the world can make GDPR exciting!)

------------------------------
Sion Stedman
Idox Software Ltd
------------------------------



4.  RE: GDPR enhancement – double opt-in form

Posted 01-17-2018 10:52
Hi Sion,
Thanks for your note, indeed GDPR and excitement probably don'y go hand in hand. I have escalated your comments to our product team for review. I will be in touch shortly, cheers.
David

------------------------------
David Fowler
Head of Compliance & Deliverability, Act-On Software
------------------------------



5.  RE: GDPR enhancement – double opt-in form

Posted 8 days ago
Dear Sion, I totally agree with you. I really don't get it why the guys from Act-On make things so complicated for us, their customers. Even though they had the webinar about new features for Q1 - NO WORD about GDPR or any kind of product updates for it.

And as I tried to escalate it bottom-up, it quickly ended with David Fowler sending me an email with the link to their GDPR landing page, with no content about concrete actions planned on it. Seriously, I've never thought that this could be as frustrating as it is right now. Large companies can not wait any longer until Act-On decides to get their things done.

------------------------------
Sven Foligowski
------------------------------



6.  RE: GDPR enhancement – double opt-in form

Posted 11 days ago
Edited by Sarah Daily 11 days ago
@Sean Chu, would you just duplicate form A for your form B since they aren't filling it out?​ Also, are both forms connected to the same list? Just trying to work out the details so I set this up correctly.

------------------------------
Sarah Daily
Digital Marketing Manager, The Enrollment Management Association
------------------------------



7.  RE: GDPR enhancement – double opt-in form

Posted 10 days ago
Hi Sarah,

Yes you can copy Form A for the second form. Alternatively, you can also post to the same form and just put a hidden field on the form that is only populated by query string (on the email CTA link).

This process can be accomplished many different ways so I'm sure others can chime in as to how they are fulfilling the double opt-in for some other ideas.

------------------------------
Sean Chu
Sr Solutions Engineer, Act-On Software
------------------------------



8.  RE: GDPR enhancement – double opt-in form

Posted 9 days ago
@Sean Chu, is there any documentation to support the many different ways to accomplish this? I'm not familiar with query strings so a step-by-step would be really helpful.

------------------------------
Sarah Daily
Digital Marketing Manager, The Enrollment Management Association
------------------------------