How to set up ConvertKit for GDPR
Disclaimer: This post may contain affiliate links to products or services that I recommend. I may receive a commission should you sign up through my link (but at no additional cost to you). I only suggest products and services that I wholeheartedly support and believe in and have either used myself or have used on behalf of a private client.
GDPR for emails doesn’t have to be a headache, you just need to make sure you’re asking the right people for consent and then use that information correctly when you’re sending automation sequences and broadcast emails. Read on to find out how to do both!
How to set up ConvertKit for GDPR
You’re ready to set up ConvertKit to make sure your email strategy is GDPR compliant, so in this tutorial I’m showing you the two phase process to make sure you’re following the rules.
For more information on GDPR for emails, take a look here. And if you need to know how to create a form in ConvertKit and add it to your Squarespace site, see this post here. These links are at the bottom of this post if you want to check them out after you’ve read this.
So let’s dive in! Watch the video below or scroll to read the instructions.
Phase 1: Set up for getting GDPR consent
To make sure you’re getting consent from the right people, you’ll need to set up a pop-up that asks your subscriber whether they consent to further emails and also using their data for marketing. For more information about GDPR for emails, click here.
To set this pop-up up in ConvertKit, you need to go to Account Settings and scroll down to the area that says Subscriber Consent Options (GDPR compliance).
You’ll see the options to show this form to all subscribers, none or just those living in the EU which is who the GDPR regulation is specifically for.
It’s all very well collecting this information, but if you’re not using it correctly you’ll be breaking GDPR rules, so phase two is where we set up how we use this information in ConvertKit.
Phase 2: Using the GDPR information in ConvertKit
For automated sequence triggers:
If you have a welcome sequence and want to make sure that only gets sent to your consented subscribers you’ll need to set up something like the following...
STEP 1: Set up a rule for all your forms to add a tag to trigger a the sequence – I use “New Subscriber”.
STEP 2: Set up a visual automation that has the relevant filters in place to only send those who have consented (plus those who aren’t required to consent) to be sent the welcome sequence. You do this…
Trigger: New subscriber tag is added.
Condition 1: Matches advanced filter “Within the EU”.
Yes: Go to Condition 2.
No: Subscriber is added to Welcome Sequence. “New Subscriber” tag removed.
Condition 2: Has “GDPR: Email Consent” tag? This is the automatic tag CK creates and attaches when they consent in the pop up box.
Yes: Subscriber is added to Welcome Sequence. “New Subscriber” tag removed.
No: “GDPR No Consent DELETE” tag is added. This is a tag I created to know who to delete from the account due to no consent.
For broadcast email filters:
To make sure that you don’t send your regular broadcast emails to your non-consent subscribers you can check for subscribers with the DELETE tag each time, or if that is too time consuming you can set up a segment that filters out these people.
I don’t use the DELETE tag as the filter but use their location and consent tags instead. These are automatically attributed to the subscriber when they come through your forms using the GDPR pop-up. Using this as the filter makes sure I’m compliant, just in case anything breaks in my visual automation (where the DELETE tag is added).
So, to set up the segment…
STEP 1: Go to Subscribers > Segments (right hand side menu) > Create a Segment
STEP 2: Name it Non-Consent EU.
Select Matching ANY of following: Within the EU
AND
Matching NONE of following: Subscribed to “GDPR: Email Consent” tag
This will create a segment of subscribers who are in the EU but have not given consent.
STEP 3: Create a new segment as before Subscribers > Segments (right hand side menu) > Create a Segment. Call it Newsletter or Main List.
STEP 4: Set up the filter as follows:
Matching ANY of the following:
All Subscribers
AND
Matching NONE of the following:
Within the “Non-Consent EU” segment
This will create a further segment that excludes all non-consenting EU subscribers.
STEP 5: When sending your broadcast emails, you’ll need to select the segment “Main List” to send to so you’re only sending to those outside of the EU and those in the EU that have given consent.
This may seem a little convoluted, but I like to see at a glance in the side menu of segments and tags the number of subscribers that haven’t given consent (the Non-consent EU segment) and also how many subscribers I am “allowed” to email with my weekly broadcast emails (all subscribers minus the Non-consent EU segment).
If you have any questions about this, please send me a message through my contact form here.
Related content:
What you need to know about GDPR for emails
How to add a ConvertKit signup form to Squarespace
What’s the difference between broadcast emails and automation emails?