GDPR and Newsletters

Doesn’t seem to work with my own site, annoyingly!

That’s strange. It also couldn’t handle one of my websites, though they’re both Wordpress. But the front page for the one that worked is hosted on my own server, so maybe it doesn’t read wordpress…

Yeah, I think you’re right - mine is Wordpress too.

I just had an email from Meetup (you know that company that runs a service that lets people meet up with each other with their different hobbies etc). They’ve done it the way I did, which is just say the privacy policy has changed and to read more click here.
I said to my newsletter folks that the law had changed and if they were happy with me keeping their emails (that i would only use for newsletters) then they didn’t have to do anything but if they wanted to unsubscribe then click the link below. I’ve had ONE unsubscribe since I sent this email. If I’d deleted everyone and then asked them to resubscribe then I am pretty sure i’d have lost most of my list.
Mailchiimp have a new thing in place to add to your signup form regarding the GDPR thing so that makes it super easy. I’m not sure what this means re us holding data for our patrons though.

Hi Emily. I would love to just send out an updated privacy policy, and say “unsubscribe if you’re unhappy”, but that’s implied consent. I know from my stats that not everyone reads, or even opens, my newsletters, so I can’t know that they’ve read and agreed.

Everything I’ve read about GDPR stresses the importance of explicit consent - the subscriber must click to accept, sign-up or reply in some form to say that they agree. Now, since they’ve signed up in the first place, doesn’t that express explicit consent? Yes, but not to your privacy policy (which, I’m assuming, wasn’t in place when they did - mine wasn’t). But then (thinking aloud!), what happens if your privacy policy changes in the future? Surely they can’t be expected to sign up all over again? Perhaps, having accepted your privacy policy explicitly, implied consent is OK at this point?

In short: I just don’t know.

Regarding the information that Patreon holds on patrons, I would have though that this is Patreon’s responsibility to ensure that they are GDPR compliant - @erin and @carla? If so, I assume something will be forthcoming in the next week or so…?

1 Like

Yes you’re absolutely right but i’ve seen several companies use this method - ie, they can unsubscribe if they want. I’ve always told people I won’t u se their email for anything other than the newsletter so I don’t think I need to worry about it.


I’ve done my statement - which covers quite a few things. You can see it here :

I’m not a lawyer and offer no advice, but if if helps you are free to copy or base yours on this.

My Mail list - with - has always been double opt in and carried an unsubscribe button, so I have sent an email to my list to tell them of my statement, where to read it and how to subscribe if they wish to.

I think that is fair.

1 Like

Don’t mean to make you worry! I think, as long as people are making an effort, then that should count for something.

Regarding the companies that just say ‘let us know if you’re unhappy, otherwise we’ll assume you’re happy’, these will already have made you sign up to a privacy policy. Therefore, all they’re really doing is updating their privacy policy - which, as I said, may not require explicit consent.

I’m with @gareth.southwell on this, we have already agreed to the privacy policy of any company we receive mail from, therefore they only need to inform us that it’s updated. Us creators/small businesses are in a different category and have to put in place something new.
That said, it depends on how safe you want to be on this matter. Not being a big fish, you could get away with not going the whole hog. Personally I’d rather make a clean job of it now, make sure 100% of my subscribers have opted in, and never have to worry about it again. Will I lose half my mailing list? I totally expect to, but I have discussed this issue with a prominent opt-in link in my last two newsletters: anyone who’s not actually reading these emails is not really a loss to me.

Yeah that’s a good point re if you lose the people. Dang. I really don’t want to do this just before a kickstarter… but then like you say, those who don’t read it anyway aren’t going to read the email about the kickstarter!

I reckon you could wait till after the kickstarter? I can’t imagine being a little late would be a big issue…

1 Like

Yeah I reckon you are right. It’s not like i’m gonna get a knock on my door!

Right, I’m going to go with my original plan (which sounds like it’s also @joumana’s!): use the final newsletter before the deadline to inform everyone that they need to re-subscribe; unsubscribe them; the ones who respond are keepers.

Thanks for sharing your policy, @shoorayner. I’ll check it out. I’m currently waiting for the Association of Illustrators to finish their policy template. When they send it, I’ll share it on, but for now I’ve done my own (posted above somewhere).

It’s a shame GDPR hasn’t been better coordinated. I think some sort of policy generated by a tickbox survey would have saved everyone a headache.

Just a quick check-in after chatting with our internal team for an update. Right now on or near May 25, 2018, Patreon will send out an email summarizing Patreon’s Privacy Policy about how we use and protect your data. This Privacy Policy constitutes the agreement between Patreon and creators on patron data. Since both creators and patrons are subject to Patreon’s new Terms of Service and Privacy Policy no separate data processing agreement is required of you by Patreon.

In terms of your own websites, it’s hard for me to say. It seems like a lot of you have specific circumstances and either need to rely on industry groups or other legal help. It is great to see all of you help one another and provide insight. Otherwise you’d need to find a lawyer who specializes in the issues around data and privacy.

1 Like

Thank you @gareth.southwell for pointing that out! I thought I checked so that I didn’t have any cookies but this cookie-checker says different! Aahh, will have to figure this out.

I recently sent a newsletter to my email list, saying that I have updated my sign-up forms (and embedded forms) with more specific info (and inserted this new text into the email), and as nothing has really changed (I’ve always had double opt-in and only send newsletters to these folks and have never put anyone on my list without their consent, plus I thought I didn’t have any cookies, hah!) I told them about GDPR and that they may unsub at any time in the footer of my emails etc.

Here is my signup form:

Don’t see why I would need a tick-box because they enter their email, click the button, and then confirm it with the double opt-in? I don’t think I need to separate my email list in segments and have check-boxes for these, when I only send newsletters related to my art and don’t use their emails for automated marketing or anything else - so I just have the one segment. And can’t see why I would need to make them re-subscribe since I haven’t really changed anything.

1 Like

“Old Love Letters”

Although I will always remember you
And the details of our alliance
I had to delete all the data you sent me
For GDPR compliance.

GS, 2018


Genius :joy::joy:

i run a website and a discord chatroom.

all my members receive a weekly email.

This weekend i will add the following text which should keep me legal and in conformity

with the GDPR obligations.

I wanted to let you know that I take safeguarding personal information seriously. To comply with new legal requirements with effect from today, May 26th, 2018 this policy will reflect the increased transparency requirements of the European Union General Data Protection Regulation (known as the ‘GDPR’).

Today we are simply announcing the Privacy Policy which clarifies and provides information about:

The types of data we collect, how we collect data, with whom we share it and how we use it

Please click here to read the Privacy Policy.(embedded link to document)

By continuing to use the website, the discord chatroom and services on or after May 26th 2018, you acknowledge and agree to our Privacy Policy.

If you have any questions, please contact us at New data protection regulations come into effect in the European Union and elsewhere. We are committed to improving our privacy practices and we are confident this updated policy will make it easier to understand the data collected and stored.