Author Topic: Book in exchange for mailing list sign up and GDPR  (Read 3513 times)

Denise

Book in exchange for mailing list sign up and GDPR
« on: October 14, 2018, 11:42:56 AM »
This popped up in another topic, but I thought it would be better to make a new topic.

Is it against GDPR to give a book for newsletter subscribers?

The GDPR doesn't state that clearly. It states that companies shouldn't require unnecessary personal data to perform a service or give a product. This is tricky with newsletters because an email is not necessarily personal data (joe@randomwebmail.com doesn't identify the person), and if the book is a perk for subscribing for a mailing list, then in theory, you need the email to send your newsletter.

Bookfunnel allows users to have different settings for EU users. It can also emphasize the newsletter sign up. I actually like it when it's very clear that the reader is signing up for a newsletter

Instafreebie/Prolific Works, doesn't have any specific setting for EU, and it allows mandatory sign-ups, the only thing is that it doesn't promote them. This is the reason people believe they are no longer allowed to give a book in exchange for a newsletter sign up. I personally think they decided not to promote mandatory giveaways for other reasons. If they really thought that mandatory newsletter sign ups were going to get them in trouble, I don't think they would offer the option.

StoryOrigin and Book Cave Direct also allow mandatory newsletter sign-ups.

Anyways, I think it's fine to interpret that perhaps GDPR doesn't allow giving books as a newsletter incentive, but it's an interpretation. Since GDPR, lots of authors continued giving books for newsletter sign ups. The only company that suffered was Instafreebie/Prolific Works, because authors started organizing group giveaways elsewhere.

As we've seen, companies can do way worse things to personal data than sign you up for an email list.

Opinions, experiences?
 
The following users thanked this post: Lysmata Debelius

Denise

Re: Book in exchange for mailing list sign up and GDPR
« Reply #1 on: October 14, 2018, 11:52:35 AM »
The legislation is here:

https://gdpr-info.eu/art-7-gdpr/

Quote
When assessing whether consent is freely given, utmost account shall be taken of whether, inter alia, the performance of a contract, including the provision of a service, is conditional on consent to the processing of personal data that is not necessary for the performance of that contract.

It also states that consent must be clear. That's one good reason why it must be clearly stated that you're collecting the reader's email to send them a newsletter.

https://eugdpr.org/the-regulation/

Quote
Consent
The conditions for consent have been strengthened, and companies are no longer able to use long illegible terms and conditions full of legalese. The request for consent must be given in an intelligible and easily accessible form, with the purpose for data processing attached to that consent. Consent must be clear and distinguishable from other matters and provided in an intelligible and easily accessible form, using clear and plain language. It must be as easy to withdraw consent as it is to give it.​

Lee

Re: Book in exchange for mailing list sign up and GDPR
« Reply #2 on: October 14, 2018, 12:36:10 PM »
An email address is indeed considered personal data. I spent weeks trawling through GDPR hell; it's just about as unintelligible as it gets. The irony  :evil2:
I did not come across anything that would suggest you cannot give away a book, or any product, as an incentive for a newsletter signup, as long as the reasoning is clear about what you will do with their email address and what you might use it for, e.g., marketing, update notification, general info etc.

As long as you keep proof of consent (make sure your provider records this data), preferably use double opt-in; make it clear they can unsubscribe at any time and they have the right to be forgotten. An unsubscribe link should be provided in each email that you send. Keep a screenshot of the opt-in screen and include a consent checkbox if possible.

You could easily pick holes in the entire process, it's flawed from the outset and ill thought out. The best you can do is try to get it right. As long as you are seen to be doing that, you are unlikely to have any problems.

Fwiw, nearly every large company I have come across so far are still non-compliant, especially when it comes to cookies (which are tied into GDPR without being explicitly stated). I don't think this is so much intentional on their part, nobody really seems to have a clue, including those that wrote the rules.
 

Simon Haynes

Re: Book in exchange for mailing list sign up and GDPR
« Reply #3 on: October 14, 2018, 02:04:43 PM »
My opinion? If I follow a link which says 'Sign up to my newsletter and get my book for free', I'm not going to be surprised when they ask for my email to send me the book.

As long as the newsletter has a nice, simple unsubscribe, I think it's fine.

What I don't like is an unsubscribe process where they force you to give a reason, or log in their system, or even enter the email address you want to unsubscribe with. That's underhanded and lazy.

What I REALLY don't like is further contact AFTER I've unsubscribed. That's when I reach for the 'report spam' button. (A 'You have been unsubscribed' msg is fine, but an email weeks later telling me about some deal 'They just HAD to tell me about?' Nope.

Companies who add new mailouts or newsletters to their weekly roster, and automatically include all their customers in this new and exciting mailout - they're the pits. It's like whack-a-mole. Loads of them do this, which is why I use a burner email for all web signups.

I believe if a given company or individual behaves properly when sending newsletters and handling subscribers, they'll get no complains. Most people are reasonable, and having to click on the unsubscribe link in an unwanted email doesn't send them into a lawsuit-inducing rage.

If someone IS that sort of person, then like me they should maintain one or twelve more email addresses.
 

Lysmata Debelius

Re: Book in exchange for mailing list sign up and GDPR
« Reply #4 on: October 14, 2018, 04:06:17 PM »
Thanks for starting this discussion, Denise.

I was asking about it because I'm working on a post over in Secret Writers' Business board called "Writers beware", with a list of things people should aware of if they want to stay out of trouble.  https://writersanctum.com/index.php?topic=817.0

I'm trying to keep each entry concise and back them up with links to official sources.  I put an entry in there about the GDPR thing but I don't have any source, and it seems my current entry is incorrect.

Maybe it should say something like:
"Mailing list incentives: There don't seem to be any clearcut regulations in GDPR preventing writers from offering free books or other give-aways in return for mailing list sign-ups. However, it's worth being careful as you might run into trouble. Your sign-up page should clearly state what the mailing list is for, and how you'll use the emails. Also make sure that it's easy to unsubscribe from your mailing list."

How does that sound? Any links I could provide to substantiate that?

 

VanessaC

Re: Book in exchange for mailing list sign up and GDPR
« Reply #5 on: October 14, 2018, 07:34:52 PM »
Not an expert, but I think the critical thing with GDPR is to be clear why you need someone's personal information, such as email address, and what you are going to do with it. 

I found the Science Fiction and Fantasy Marketing podcast episode with Damon from Bookfunnel to be really helpful for GDPR and mailing lists generally. 

I also think Mark Dawson's Self Publishing Formula podcast had a GDPR show as well.  As Mark is British and a former lawyer, likely to have good info - I've not listened because quite frankly I reached the point where if one more person said GDPR to me, I was going to scream.  Calming down now.

So in your "sign up to my mailing list" box or page you need to make it clear to readers what they can expect from you - for example, my sign up box says:

"I will use the newsletter to let you know about my books, new releases and other book news. 
I will only use your email address for my newsletters and you can unsubscribe at any time."

I use Mailerlite for my list and have checked the double opt-in process, so anyone who makes it through that and onto my list really wants to be there!

At the moment I don't have a mailing list freebie, but when I do I will amend the text to reflect that - again, as long as people know what they can expect from you, and that's what they actually do get from you, I think you're fine.

(Edited for typos.)
     



Genre: Fantasy
 

WasAnn

Re: Book in exchange for mailing list sign up and GDPR
« Reply #6 on: October 14, 2018, 09:10:45 PM »
I took GDPR very literally, giving it full weight for my whole list.

If my offer is this: Sign up for my newsletter and get the book free.

Then the only things I actually need to execute it is the email address to send it to. That's it. No first name, no country of origin or anything else. So, I minimized what I collect to exactly what I need to execute the contract.

Unsubs clear and proper, etc.

For IF/PW, I use opt-in optional for almost everything. The only opt-in mandatory is the one that is mentioned above.


Science Fiction is my game.
 

NathanBurrows

Re: Book in exchange for mailing list sign up and GDPR
« Reply #7 on: October 14, 2018, 09:59:13 PM »
Mark Dawson’s GDPR episode is below. They get a lawyer on to talk about the rules. She’s very cagey, as at the time they recorded it, the legislation was still unclear. Not much has changed since though - it’s still pretty unclear!

https://selfpublishingformula.com/episode-117/

Denise

Re: Book in exchange for mailing list sign up and GDPR
« Reply #8 on: October 14, 2018, 10:14:13 PM »
An email address is indeed considered personal data. I spent weeks trawling through GDPR hell; it's just about as unintelligible as it gets. The irony  :evil2:


Yeah, they are not much into being intelligible and accessible... 


I was asking about it because I'm working on a post over in Secret Writers' Business board called "Writers beware", with a list of things people should aware of if they want to stay out of trouble.  https://writersanctum.com/index.php?topic=817.0

Maybe it should say something like:
"Mailing list incentives: There don't seem to be any clearcut regulations in GDPR preventing writers from offering free books or other give-aways in return for mailing list sign-ups. However, it's worth being careful as you might run into trouble. Your sign-up page should clearly state what the mailing list is for, and how you'll use the emails. Also make sure that it's easy to unsubscribe from your mailing list."

How does that sound? Any links I could provide to substantiate that?


It sounds good. Again, there won't be any links. This regulation is about Facebook, Google and cia selling out our information, not about mailing lists, and does not address them. It's not an anti-spam regulation. The closest I found was the one I posted about consent, which must be freely given. That's the point people are using to claim forbids newsletter incentives.

You can also take a look here: https://gdpr-info.eu/art-5-gdpr/  This is about the main principles. Again, the idea is that people know when their data is being collected, consent to it, and know for what this data is going to be used.

Thanks for compiling this information.

Not an expert, but I think the critical thing with GDPR is to be clear why you need someone's personal information, such as email address, and what you are going to do with it. 


That's how I see it. Some people interpret it differently, which is fine.


Then the only things I actually need to execute it is the email address to send it to. That's it. No first name, no country of origin or anything else. So, I minimized what I collect to exactly what I need to execute the contract.


Yes, if you think that you shouldn't be using unnecessary information, there's no need to collect names. I also ask only for the email.

It's funny that some people freak out about newsletter incentives, while still having their Facebook pixels, for example, without asking for consent or informing their visitors. Lots of people find it super creepy to get ads for sites they visited outside Facebook, and, in a way, it gives them that horrible sensation that Facebook is following them. 

When GDPR came about I removed Google analytics from my websites. I don't think the EU is going to come after tiny websites, but it was a good moment for me to reflect whether I should be giving my visitors' information to Google. And I don't find Google that nefarious.

Mark Dawson’s GDPR episode is below. They get a lawyer on to talk about the rules. She’s very cagey, as at the time they recorded it, the legislation was still unclear. Not much has changed since though - it’s still pretty unclear!

https://selfpublishingformula.com/episode-117/

I thought that was murky as hell, and excessively cautious, which is understandable.
« Last Edit: October 14, 2018, 10:17:02 PM by Denise »
 
The following users thanked this post: Lysmata Debelius

Bill Hiatt

  • Trilogy unlocked
  • *****
  • Posts: 3735
  • Thanked: 1326 times
  • Gender: Male
  • Tickling the imagination one book at a time
    • Bill Hiatt's Author Website
Re: Book in exchange for mailing list sign up and GDPR
« Reply #9 on: October 15, 2018, 12:02:27 AM »
I'm having trouble finding a lawyer who has any real information about GDPR. It's still pretty new, so there isn't much case law to use as a guide for interpretation.

I, too, have heard the notion that if you offer incentives (and there's no other way to get them), then the consent might not be freely given. Consequently, I stopped giving free books for email signups. I'd love for the EU's relevant agencies to make some kind of definitive statement, but I suppose I'm just dreaming.


Tickling the imagination one book at a time
Bill Hiatt | fiction website | education website | Facebook author page | Twitter
 

Lee

Re: Book in exchange for mailing list sign up and GDPR
« Reply #10 on: October 15, 2018, 02:54:57 AM »

I, too, have heard the notion that if you offer incentives (and there's no other way to get them), then the consent might not be freely given. Consequently, I stopped giving free books for email signups. I'd love for the EU's relevant agencies to make some kind of definitive statement, but I suppose I'm just dreaming.

I think we need to fight back to some extent to at least try to prevent GDPR and the EU's arrogance bringing business to it's knees. I'm trying to comply best I can but if I take everything at it's vague wording, I will be out of business. I do nothing unscrupulous, and never have done - for GDPR, that doesn't seem enough.

I am signed up to the ICO newsletter. They sent out a rant of their own some time ago about all the scaremongering around GDPR. The f*****g cheek of them.
My entire living is affected by GDPR, therefore I have spent hundreds of hours researching and asking questions. Most questions get either ignored, or a reply as vague as the original problem.

Not once have I come across scaremongering (although I'm sure some is out there). Everything I have read has been written by people simply trying to make sense of it, which is virtually impossible. This has left people with no other option than offering their best interpretation ... the ICO have labelled this "scaremongering," yet still have given no clarification or tried to address anybody's concerns.

Concerning the free books, this is about the closest I can find to getting an answer.

Quote
Paragraph 60.
The key points are that for consent to be valid, it must be:

freely given – the individual must have a genuine choice
over whether or not to consent to marketing. Organisations
should not coerce or unduly incentivise people to consent, or
penalise anyone who refuses. Where consent to marketing is
a condition of subscribing to a service, the organisation will
have to demonstrate how this indicates that consent was
freely given (see paragraph 66 below).

Paragraph 66.
The ICO recommends that organisations do not make consent
to marketing a condition of subscribing to a service unless they
can clearly demonstrate how consent to marketing is necessary
for the service and why consent cannot be sought separately.
It is also relevant to consider whether there is a choice of other
services and how fair it is to couple consent to marketing with
subscribing to the service. It will also be important to assess
whether this approach creates an imbalance between the
individual and organisation (see the UCAS example above).

I can see how this could make anybody think we shouldn't offer a free incentive.
I read it differently: The newsletter is the service. Marketing is part of that service. There are no rules saying we are not allowed to send marketing messages. We are entirely in compliance of the law even if our newsletter is used for nothing other than marketing. As long as the person signing up gives consent, there is no problem.

As I see it, this would be different if I was selling the book only on the condition of signing up to marketing. I must allow any person to buy or subscribe to any service I offer, without needing to opt-in to anything and opt-in must not be implied.
There are also allowances for this. For example, Groupon, comparison sites etc. These kinds of services cannot run without opting in. In cases like this, marketing is the service being offered.



 
The following users thanked this post: Simon Haynes, Lysmata Debelius

RappaDizzy

Re: Book in exchange for mailing list sign up and GDPR
« Reply #11 on: October 15, 2018, 04:21:52 AM »
I give my books to someone in return for something of value.

That’s either money or your name and email address.

If a someone (like these dumb politicians & lawyers) think it’s wrong to force someone to pay with the name and email address then it’s also wrong to expect them to pay with money.

I agree with what’s been said before, in some ways we’ve hurt ourselves with the permafree & freebie marketing. I have my “cheapest” books at .99. And I’m now using “giveaway” instead of “free” when I send promotions to my list. I’m also glad now Instafreebie changed their name - it’s hard to ask for something of value if it’s free  :banana:
 

RBC

Re: Book in exchange for mailing list sign up and GDPR
« Reply #12 on: October 15, 2018, 04:30:21 AM »
GDPR is about data collection not what we give away to get the date (in this case email address or name etc).

If you have a clearly stated giveaway AND the checkbox for consenting AND you clearly state your further intentions for the email list in your Welcome email you will be fine.

You have to also clearly state what data is being ollected and how it will be used (name, email, website address etc) in your website. That's where update for Privacy Policy page is needed (list the services you use that collect data - like Google Analytics, MailChimp etc). The PP page doesn't get read much but it's there for legal reasons and it should be updated for GDPR.

It also helps to display a so called 'Ribbon' with a notice that ''This website collects some data, if you're ok with that click 'Yes' or read our Privacy Policy page to learn more'. This is an oversimplified gist of that.

GDPR doesn't limit what you can give away, it's just about protecting the data that is collected and average site doesn't collect too much data (ecommerce site would collect more, like credit card, address etc).  So authors are not gonna be collecting a lot of data and don't need to panic.
 
The following users thanked this post: Simon Haynes

okey dokey

Re: Book in exchange for mailing list sign up and GDPR
« Reply #13 on: October 17, 2018, 02:36:24 AM »
I'm not in the EU.
If EU subscribers become a problem, I unsubscribe them.
 

Simon Haynes

Re: Book in exchange for mailing list sign up and GDPR
« Reply #14 on: October 17, 2018, 02:59:33 AM »
I find it really annoying that a regulation brought in to stop big business harvesting and using data without permission is impacting on those of us trying to do the right thing.

I have absolutely no problem signing up for something if the person is clear about what I'm getting into. If I sign up to a newsletter to get a free book, I'm not going to run off crying to the authorities just because a newsletter shows up in my inbox. If I feel it's a bit too hard-sell or spammy or way too frequent, I unsubscribe. If that doesn't work for any reason, I'll report it as spam, block the sender and never see anything from them again.

So, I have no problem advertising my freebie on FB in exchange for a newsletter signup. I'm getting 40 per day at the moment, and one hour after they join they get a welcome email with a freebie. Over the past 7 days I've added almost 300 new subs, and only 2 unsubscribed. Not one reported me for spamming.

Everything I do requires double opt-in, it's clear that they're signing up for occasional newsletters, and there's an unsub link on every email I send out. I only ask for their email, not their name (first OR last), and I don't collect any other data.

I just don't see the problem as long as I treat others the way I want to be treated.