Guide to being GDPR complaint

Avatar Ilemi Arrindell, 

What is GDPR?

GDPR stands for General Data Protection Regulation, this legislation came into effect as of the 25th of May 2018 and impacts all businesses who operate and market within the EU.

The legislation determines how the personal data of EU residents can be stored, transported or used. 


What is the definition of personal data for GDPR?

This means any information that relates to a EU resident that can identify them, such as: 

  • An identification number or name
  • Physical characteristics 
  • Physiological & mental characteristics (genetic, health & sexuality)
  • Economic, cultural or social identity (race/ethnicity, political or religious views, Union membership) 
  • Location data 
  • Online identifier (I.P. Address)

Some of these are considered sensitive personal data and are subject to more stringent regulation.


What are the risks for not compiling? 

Companies that fail to handle data in compliance with the legislation face hefty fines.

Depending on the severity of the breach these could total 20 million Euros or 4% of worldwide turnover (depending which is greater). Aside from the financial cost the damage to reputation could be irreparable. 


Good practice

Whilst you are unlikely to be fined immediately for a mistake, there are some things you can start doing now to get your Event Lead Capture process up to scratch.

  •  Ask people to opt in rather then opt out of marketing communication.

The new legislation will ask you to provide hard evidence that an individual chose to sign up for marketing content. Someone not unsubscribing yet, is not confirmation that they are interested in the material you are sending them. 

  • Try not to rely on paid lists/ delegate lists

The use of badge scanning by event exhibitors under GDPR is still a grey area, it can be extremely difficult to provide explicit proof that someone allowed their name badge to be scanned to receive marketing materials. Furthermore if the individual opted out of sharing their data with the provider, you may not even get a complete name back from the badge. 

Start using other collection methods which allow you to record explicit consent alongside their contact information.

  • Check what's in your follow up email 

If you send an email receipt to people you've spoken with at an event booth, make sure you only provide details on what was discussed or requested. To cross sell in the email you still need explicit consent.


Akkroo features here to help

If you still not sure where to start or how you can ensure your lead capture process is above board, try using some of the below pre-formatted Akkroo form fields to quickly adjust. 


This question comes ready-made with a well worded request for people to agree to receive further marketing communication from your company. Although simple, this is by far one of the most effective ways to record consent. 

Double opt-in is when individuals need to confirm their email address before being added to your email communications list and receive emails from you. It is the double confirmation of their subscription to your newsletter or any services needing their email details. Using double opt-in in email marketing is a good way to ensure compliance regarding consent under GDPR. You can add double opt-in into the custom email footer, below.

If you are using an opt-in question it's better practice to leave this unticked by default. 

Terms & Conditions box

When asking people to opt-in to your marketing communication it is important you are extremely clear on what they are agreeing to, "Do you want to hear from us?" might be an explicit question but "hearing from" is not a clear definition of what type of communication and regarding what subject they can expect to receive.

The Terms & Conditions feature can provide them with further information in pop-up window rather then a lengthly explanation in your question. Use it to detail whether you plan to send them email or texts and if you want to tell them about feature updates or sell them a new product. us 

Custom email footer

Our customisable email footer allows you to tailor the Follow-Up email to your companies exact needs by combining information you receive in a form response with elements of your own contact management processes.

This gives you the ability to provide a link to further Term & Conditions in the follow up email, you could also use Markdown to create a custom unsubscribe or opt-in links for the registrant. 

The custom email footer is a good place to add a double opt-in confirmation, or an invitation to join your email communications list. 


What are we doing for GDPR?

Download Akkroo's GDPR Compliance documentation here

Can't find what you're looking for? Contact us