Scenario 3 – GDPR compliance through recipients’ consent
The provisions of the GDPR apply to you. You store and process personal data obtained through tracking. You use this data to create user profiles and/or target groups.
Scenario 3 | |
---|---|
Consent for person-based tracking |
Obtain and maintain the recipients’ consent. |
For this scenario, you must take a series of measures. Here, it is a matter of obtaining consent for person-based tracking from your recipients. At the same time, you should familiarise yourself with new and extended functionalities that you should use, where appropriate, in connection with the GDPR – for example, in relation to action sequences.
The following checklist provides an overview of the required measures and extended functionalities of Inxmail Professional 4.7 and 4.7.1.
Checklist
Act. This means you need to take action. |
||
---|---|---|
Enable inclusion of consent for person-based tracking | ||
In the advanced properties of the mailing list, select the value Include for the Include consent for person-based tracking property. (You can also apply the global settings if the Include consent for person-based tracking advanced property is enabled.) |
||
Obtain consent to person-based tracking |
||
![]() |
Integrate Tracking Permission element into the "Subscription" dynamic Web page |
Details |
![]() |
Integrate Tracking Permission element into HTML subscription form ("Subscription Servlet") |
Details |
![]() |
Integrate Tracking Permission element into the "Profile management" dynamic Web page |
Details |
![]() |
Integrate Grant tracking permission link type into mailings |
Details |
![]() |
Include tracking permission in manual and automatic recipient import |
|
Give recipients the possibility to withdraw their consent to person-based tracking | ||
![]() |
Integrate Withdraw tracking permission link type into mailings |
Details |
![]() |
Integrate Tracking Permission element into the "Profile management" dynamic Web page |
Details |
![]() |
Include tracking permission in manual and automatic recipient import |
Configure and check. Here you only need to take action if you use the corresponding functions. |
||
---|---|---|
New Tracking Permission column in the recipient table | ||
The Tracking Permission column shows whether or not a recipient has granted consent for person-based tracking. You can change the values here manually. Be aware, however, that you may only set the tracking permission to the value |
Details | |
Action sequences |
||
![]() |
Check actions based on the Click on a certain link event. Actions based on the Click on a certain link event will be executed only for those recipients who have granted consent for person-based tracking. It may be sensible to obtain your recipients’ consent for person-based tracking before continuing to work with such an action. You can change this standard behaviour if necessary. |
Details |
![]() |
Familiarise yourself with the new events and actions in connection with the tracking permission, and check whether their use is meaningful in your application contexts. | Details |
Synchronise consent for person-based tracking between mailing lists | ||
![]() |
Create an action sequence with the Import Tracking Permission action. (The triggering event could be Subscription of a recipient, for example.) |
Details |
Target groups | ||
![]() |
Check target groups based on recipient reactions. Target groups based on recipient reactions will contain only those recipients who have granted consent for person-based tracking. It may be sensible to obtain your recipients’ consent for person-based tracking before continuing to work with these target groups. |
Details |
![]() |
When creating target groups, take account of the new Tracking Permission condition where appropriate. | Details |
Online parameters (encryption) | ||
![]() |
The [%online_params] command encrypts online parameters. If you wish to transfer online parameters in unencrypted form to a Web application, for example, you can do this using the [%online_params_unencrypted] command. |
Details |
Pass link parameters only when you have consent for person-based tracking | ||
![]() |
Check whether you pass recipient attributes to Web applications. Make the data transfer dependent on consent for person-based tracking by integrating [attribute, considerTrackingPermission]. |
Details |
Inform yourself. Here you don’t need to take action. However, you should be able to correctly understand or interpret the way in which Inxmail Professional behaves. |
||
---|---|---|
Reports | ||
![]() |
The results in the reports for data obtained through person-based tracking, such as the open rate or the clicks per evaluable link, remain unchanged, as anonymised clicks are also unique clicks. | Details |
Mailing – "Check" workflow step | ||
![]() |
The results in the reports for data obtained through person-based tracking, such as the open rate or the clicks per evaluable link, remain unchanged, as anonymised clicks are also unique clicks. | Details |
For integrators |
||
---|---|---|
REST API/SOAP API | ||
![]() |
Check whether you must adjust the API interfaces to external systems, in order to transfer the tracking permission (for example, to a CRM system). |
(REST) |