The intention of this article is to show what POPI compliant email marketing looks like. We aren’t giving legal advice about POPIA and for large organisations it is advisable to use this time to become compliant as it can take longer than anticipated. This article is about email marketing in line with the spirit of POPIA.
Quick recap – What is POPIA?
POPIA, the Protection Of Personal Information Act, is legislation designed to protect any personal information which is processed by both private and public bodies. Some exceptions do exist, but every person who collects, stores and otherwise modifies or uses information (i.e. processes information) must comply under POPIA.
What does POPIA compliant email marketing look like?
Our overarching approach when we do email marketing for our clients is this:
Think about how you would like your customer to experience your brand. Ensure it is a pleasant experience for them to receive email marketing from you. Everything we do for our clients at Cantaloupe Digital is informed by this approach. The way we get your message across, the frequency of mails, the quality of the information, content, the layout, design and accessibility. We take this and best practices into consideration when planning our client’s email campaigns.
This approach aligns with the intentions of the POPI act.
POPIA wants to put an end to the approach we like to refer to as “spray-and-pray”. In other words the sending of bulk mail to everyone in the hope that someone might be interested. Finding quality leads and then targeting just those quality leads who are interested in particular goods or services is in line with what POPIA wants to achieve.
Currently you can email on an opt-out basis. This means you can send emails until the person unsubscribes or asks you to stop. After POPIA, you will only be able to email market on an opt-in basis. From that point you can email them only once to get their consent to send them more emails.
Communications to existing customers
These points are important:
- You got their details in the process of selling a product or service.
- POPIA requires you to identify yourself: display your logo or company name in the body of the email. Your sender name is also important to identify yourself.
- Your communication to customers is related to your products or services.
- Your customer can opt out at the time the information is collected and each time communication is sent.
- The content can only relate to your own similar products or services.
- The customer must have been given the right to opt out each time, an unsubscribe link makes this easy.
- Provide an address to which the customer can send a request to opt out.
What about email marketing to people who are not your customers?
Remember at the moment you can email market on an opt-out basis. This means you can email market to people as long as you include the ability for them to opt-out / unsubscribe from your mailing list. Once the POPIA comes into effect you may only market on an opt-in basis. You’ll need to run campaigns to entice people to sign up to your mailing lists. The basics here are a sign-up form on your website and social media offering something of value in exchange for their opt-in.
A person can only be approached once to get consent. Once such consent is refused, it is refused ad infinitum. You must always be able to tell people where you got their information from.
What about protecting their information?
The information required for email marketing can range from email addresses to more detailed information such as products purchased and amount spent. Regardless of the information it needs to be secured, accurate, and used for the purpose for it was collected.
Accurate customer information can be used for a better brand experience
If you have inaccurate information how will correctly personalise your emails or communicate about topics your customer is interested in?
Reputable email marketing systems help to keep information secure and have tools that can be used to segment your mailing lists so you can send content suited to people’s preferences.
6 ways an email sending platform (ESP) can help you with POPIA compliance
Choosing a reputable bulk email sending platform (ESP) to use for your email marketing can certainly make it easier to comply. The onus is still on you to ensure you use it in a compliant way.
- ESPs ensure your business address and contact details are included, usually in the footer of the emails you send from the platform.
- Opt-ins and Opt-outs (unsubscribes) are handled automatically.
- Data is stored securely and you can control who in your organisation has access. This is one of the parts where the onus is on you to ensure compliance.
- Depending on how you use the system it will help you to be able to tell how you got the person’s information. Sign up forms handle this automatically or if you are importing a list you can name your mailing lists appropriately.
- The reporting offered by these systems helps you maintain your mailing list. Hard bounce reports should be used for follow-ups and data needs to be updated in the system. People change email addresses when they change jobs and so you need to keep this info up to date.
- ESPs help with basic validation. For instance broken email addresses are identified and excluded by the system from email sends.
It’s up to you to manage the quality of the data. If you put garbage into the system you will get garbage out. It’s essential to have a policy of how data is captured and kept clean – for example first name must start with a capital letter and be spelled correctly. You get the idea.
The spirit of the POPI act will lead to better engagement rates on your email newsletters and campaigns. It’s about the quality of your mailing list.
It’s up to us as marketers to get more creative and innovative with opt in campaigns and delivering a more effective standard of email marketing for our clients.
POPIA applies to email marketers with data subjects in South Africa. If you’re a multinational company or you market to people in other countries take note that other data protection and privacy laws apply here too. For example Europe (GDPR), USA (CAN-SPAM), and Canada (CASL).
How have you ensured your organisation is doing email marketing the POPIA safe way? Please share any questions or comments below.