You may have seen these four letters a lot recently: GDPR.. but what is it and why is it relevant to us? It stands for the EU General Data Protection Regulation, and it’s a new set of regulations coming into effect on the 25th of May 2018 designed to protect consumers (so all of us!). It comes after four years of preparation and debate, so it’s something that’s been in the works for a while and anyone who’s had any difficulty unsubscribing from a mailing list or with unsolicited mail of any type will agree that it’s overdue. 

It’s happened to me - for example. I once flew with KLM (the airline), and I was absolutely inundated with emails immediately after. I unsubscribed to every single one yet still they kept coming. I hadn’t knowingly even signed up to their email list - I must have missed a check box somewhere. Their mailing list address kept slightly changing so I think they were subscribing me to new lists every time I unsubscribed from one. 

How does this affect you as an ECY customer?

As a small business we have to comply with these new regulations, so we’ve been planning ahead to make sure that that is the case. We’ve always had two-step confirmation for our newsletter sign up anyway, but we have to go back and make sure that we’re doing it by the book. It’s one of those situations where the regulations are good and we support them, but there’s very little practical advice telling companies what to actually do. Some people tell you you need to be doing one thing whilst other people will tell you something else. There’s information at the GDPR website HERE and on our own government website HERE but as I said - it doesn’t specifically tell us what to do. As a result, what we have done/are doing is based on our own research.

So… we firstly needed to check that you all wanted to be on our newsletter. Over the past three weeks we have sent out a few emails with subjects in big capital letters asking you to please click a button (in the email) to confirm that you want to stay with us. You see, from what we can tell, the point is that you have to physically confirm that you want to hear from us. That’s why we asked you to take that action. We asked more than once in case you missed the first email - it’s easily done! Then, quite simply, anyone who did not respond would be removed from our list. Of course, you can always re-subscribe at any time (via the link on our Contact page and HERE). We have had to disable some of the sign-up boxes temporarily while we make them compliant with the regulations but will put these back up as soon as we can.

We are getting a number of emails from people asking why they have been unsubscribed and for us to put them back on the list - we HAVE to unsubscribe you because you did not confirm to us that you wanted to STAY subscribed. I’m not sure that WE can put you back on the list either - I think, given what our research has shown, that you yourself must re-subscribe. Laura has been replying to all the emails asking about this with a link for you to do that though, so if you are one of those people please either re-subscribe directly or pop us an email via the contact us form HERE.

One more thing - I know lots of companies are saying ‘no action required’ to their GDPR emails, in other words if you ignore the email you’ll stay on their list. I honestly believe this is negating the whole point of the new legislation, because surely the point is to make consumers physically confirm that we want to be on email lists?? So I know it’s more of a faff to have to open an email and click a button but I am convinced that this is the best way to stay within the law. 

Furthermore, I realise many of you won’t know this - we pay a subscription fee to our mailing list host (Mailchimp). We pay more per month as our number of subscribers increases. So actually making sure that our audience really do want to hear from us is quite important because if you don’t and we’re paying to talk at you anyway... well, we could be using that money on yarn!

‘Update your preferences’:

Since we’ve implemented this, more information has become available that tells us we actually need to ask you to ‘update your preferences’, too. UGH, right?! So we’re going to have to email you all again to ask you to do this. This is that thing where you get a number of little tick boxes and you have to tick them to agree to things like being emailed, being called, being sent snail mail, etc. In our instance, because we’re online-only, our tick boxes are ‘newsletter’, ‘customized online marketing’*, and ‘targeted marketing emails’**.

The one you definitely need to tick in our case is ‘newsletter’. I cannot stress enough that if you do not tick this box, after 25th May we CANNOT send you our newsletter, even though you clicked subscribe and gave us your email address. (N.B. This is based on our understanding of the information that we have spent a LONG TIME trawling through, other companies may not be following this process but we want to make sure we are compliant and are respecting you and your personal data to the best of our ability)

*’customized online marketing’ is for example when you look at an item on Amazon then you go into Facebook and there’s an advert for it in your feed. It’s nothing untoward (I know it can seem a bit weird) - all it is is companies want to advertise to people who want to see their adverts, so for instance I only want to advertise to people who like yarn, and a good way to find them is if my adverts target people who have looked at yarn. 

**’targeted marketing emails’ is where say we’ve got our subscriber list, but some of you are in the northern hemisphere and some of you are in the south. We talked recently about telling those of you in the south that we’ve not got much Whitfell Chunky in Steel left and you might want to get it before it runs out - we know that it’s heading towards winter over there so you’re going to be much more interested in this information than our customers in the northern hemisphere who are heading towards summer. 

Of course, if we’d realised we have to ask you to do this in the first place, we’d have put it in our initial GDPR emails, but as is often the way with new legislations, you end up learning and adapting to it as you go along. So when you get an email from us asking you to update your preferences, please please please can I ask you to not ignore it?! At the very least if you want to hear from us you WILL need to tick the newsletter box. 

So what do ECY do with your data??

Luckily it’s very simple for us. We use your address to post you yarn; we use your email address and what you order to send you your order confirmation and shipping confirmation, our website obviously uses your payment method to take your payment, and aside from that the only thing we do is send out newsletters to tell you about yarn, knitting, crochet, and more yarn. We use a website called Mailchimp to do that, and I’ll just add here that placing an order with your email address does NOT automatically sign you up for our newsletter. Do I even have to tell you that we wouldn’t ever dream of using your information in dodgy ways? We won’t suddenly start emailing you about some random other thing (I’ve heard of that happening within the yarny community recently), we won’t give or sell any of your information to anyone ever, and we won’t turn up at your house with yarn..

For fellow businesses:

We’ve had a lot of fellow businesses asking us how we’ve done our GDPR compliance emails, and what we’ve done. Well.. we’ve read around, done lots of research, and Laura has learned an awful lot about Mailchimp in the process. 

Just to repeat in case you didn’t see this bit earlier:

We’re aware that some companies are saying customers can ignore their emails and they’ll stay on the list but we honestly feel that that’s pushing the boundary of what the new legislation is designed to do - surely the whole point is that we want people to physically confirm that they want to hear from us? So that’s why we’ve done that. It’s been a right faff, but at the end of the day the more people who are on our list, the more we pay, and if they don’t actually reeeeally want to hear from us then we’re wasting money we could spend on yarn. 

 

I hope this blog post has been helpful in explaining why we have had to do all this, and a little bit about how it all works. :) Please excuse us for any repetition or preachiness in what you have just read but this is very important to us and hopefully to you as well.

Thank you!