Speaker 0: Hello, everyone. Hope you’re enjoying MarDreamin’ so far. My name is Rana Mansour from Sercante, and I’ll be moderating today’s session. If you have a question, please post it in the q and a tab above, and we’ll try to get to it at the end of the session. Uh, now I’d like to introduce you to our speaker, Hannah Harning, uh, who has a great session ahead to help ensure your marketing practices are GDPR compliant. Over to you, Hannah.

Speaker 1: Hi, everyone. Thanks so much for taking time out of your day to attend this session. My name is Hannah Marnie, and I work for a company called ArcherPoint. Um, so I’ve rolled a couple of roles at ArcherPoint. My main roles are, um, overlap between marketing and Salesforce automation. So on marketing side, I mainly focused in the demand gen area with a concentration of marketing ops, and that’s where the, um, account engagement or formerly Pardot administration comes in. And I also came to our Salesforce administration along with one of those. So let’s get started talking about opt in strategies today and GDPR compliance.

So first, we just wanna take a second to thank the incredible sponsors that make smart dream happen every year, and this is a great conference, and I’m always happy to be a part of this. So let’s just jump into the agenda. So first, we’re gonna talk about JPR compliance, what that is, what it means to you. We’re gonna talk about some opt in methods that you can use. We’re gonna talk about setting up your system, running an email program in a JSON studio, and then how you can manage compliance after the fact. So so GDPR compliance. What is GDPR compliance? So I’m not gonna read you everything on the screen so you guys can read, um, for yourselves. But, essentially, it’s a law that was created in the EU to protect people’s data. So as we know, data privacy laws are getting stricter and stricter, and it’s really important that we’re following along. It is vitally important if you’re someone who markets outside of The United States or specifically in The EU, but it’s also a best practice in general. So if you’re in a company that’s focused outside of The US, it’s still a good practice to do this, um, because there are states that are also becoming stricter like states like California, um, that are following these types of guidelines. So it’s always a good idea. Just make sure you’re handling, uh, personal data responsibly.

But how does this impact the marketer? So there’s the legal aspect of that and then there’s in practice, what we do as marketers to make sure we’re GDPR client. So the first two bullet points are the most important, the ones we’re gonna touch on. So first, you’re gonna wanna make sure you get clear consent before using someone’s data. We’ll talk about what that is and how that works. You wanna be transparent of how you collect the data and how you use it, and specifically can also be how you score it. And then offer easy opt out methods. So if somebody requests to opt out, obviously, we want so let’s just dive into some of the methods that you can use.

So there are plenty of options out there for this. I chose I consider the three most popular methods, and you probably heard of these as well. So we’ll talk through each of these options. We have single opt in, double opt in, and granular opt in. Um, I also like to point out that this is not a one or the other, um, type of process. You could actually blend some of these options, and I can talk about specifically how we’re doing that here at ArcherPoint. So you’re not necessarily if you’re using one of these, that doesn’t mean you can’t use the other.

So let’s talk about what a single opt in is and I like to use visuals. So, um, here’s just a sample form mock up. This is what I would consider what a single opt in is. So you can see it’s very straightforward form. On that form, there’s a checkbox that is unchecked. It’s very important to keep that unchecked. And it just has some in, uh, legally or has just a short statement that you are collecting your data by in communicating with them if they check that box. So that’s actually your opt in field or opt in box. Single opt in is they check that box, it goes into your system on the back end, and then they are we consider that now an opt in leader contact.

So something to note, um, because we’re gonna show you how to set this up in account engagement, there’s a character limit on this. So this statement, I’ve chosen something really short because there’s a character limit in account engagement. You have a limit of 255 characters. So if your legal team wants something much longer, you’re gonna need to pair that down and link it out to, um, maybe a web us page on your website with the full um, information that your legal team would want you to use. Also, speaking of legal teams, obviously, because the GDPR is the law, if you have general counsel or legal team at your company, it would be best to consult them on how they would interpret this law, and they may direct that may direct you on which approach you need to take because if there’s not necessarily a clear, um, within that law, there’s not a clear, um, step by step process. It doesn’t say do this, then this. It so it’s gonna depend on how your company and your legal team actually determine that. If your company like ours so when we did this, we didn’t have a full blown legal team, then you can also just get leadership, um, buy in and work with lots of people in your company to determine what, um, you feel is appropriate. So that’s just the sample. Um, you’re you’re gonna wanna tailor that to your company. And in order for it to be opted in and truly JPR compliant, this checkbox can never be checked by default. It needs to be they need to consent. That’s part of that direct, um, consent.

So what’s the difference with double opt in? Obviously, I have the same form mock up on the left hand side, and on the right, you can see a sample email. So with the double opt in, once someone just checked that box, submitted this form, they’re gonna receive an email to their inbox, something like this over on the right. It’s the same thing for subscribing. Please confirm your subscription. So they’re gonna have to click that confirm button in your email in order for that prospect to be truly opted in in a double opt in strategy.

And then the third option is granular opt in. So this is where you pull in the preference center, um, items. So in account engagement, you can set up your preference center and you can have all sorts of subscription options. Right? News, promotions, products, updates, events, subscription options. Right? News, promotions, products, updates, events, newsletters, etcetera. There’s lots of options. It’s fully customizable. In a granular opt in scenario, you’re actually going to use those subscription options. So here’s just a sample of four generic options that you can use. So here’s just a sample of four generic options that you can use. And you can see down at the bottom, I’ve added a very similar, um, statement, but this is below the form because there isn’t that opt in box, but there are those other check boxes. So you want to provide a statement within your form saying that you’re they’re agreeing to the store and processing of their data by submitting the score. Alright.

So just a quick, um, interactive piece here. Which form is JDR compliant on the screen? Do you think it’s form a or form b? If you don’t throw it in the chat. It’s like we have a couple people who give already a second. Awesome. So, overwhelmingly, we have b in the chat, so that’s great. Everybody understands that we no longer can use that default checkbox. I know that was popular maybe ten years ago. So, yes, you’re right. Form b is the correct GDPR form. We’re not going to check it forward.

And something that came up when I was practicing my session, someone asked me a question that I think is really important to address. So why would you choose one of these more complicated options, like a double opt in or a granular opt in strategy over the simple, you know, single opt in? Well, the answer is it really depends on your company and how your company integrates a lot. So if your company wants it to be a little stricter, you may have to go with the double opt in strategy. Now if there you don’t have direction, you could choose a simpler approach. But, also, like I mentioned before, I really think a blended approach, um, is most people’s best option. So that’s why I want to give you an example about how here at ArchPoint we’re using a blended strategy for opt in. Alright.

So I’m just gonna walk you through, um, a sample cross site. So standard, you know, we get a form submission into account engagement. We send an autoresponder email. So whether or not that person is opted in, they’re gonna get an autoresponder email. And that is where why I’m saying you can use a blended approach because, technically, we’re not using a double opt in strategy, but I do like that additional step. So we’re gonna have the system consider, are they opted in or not? And within that email, if they’re not opted in, we have a dynamic content section in that autoresponder email. All of our autoresponders have this for any form bills. And that dynamic content, if they’re not opt in or didn’t initially opt in on that form, they are going we’re gonna ask them just one more time to, um, sign up, and it’s not intrusive because we are responding directly to the form. So if they fill out a request for content, then we’re gonna send them that ebook. Right? So they downloaded that. If they, um, submitted a contact us form, we’re just gonna mention that someone will reach out to them via email or phone within the next forty eight business hours. So it’s not intrusive because it’s really just an, um, it’s an additional step, but we’re kind of responding in a way that makes sense. And then that sign up is just gonna go to a standard landing page that we’ve created, and it’s gonna have all of our subscription options on it. So that’s where we’re gonna get into that granular, um, opt in approach. We’re now we’re gonna give them all the subscription options on this landing page. So if they do wanna sign up, they can choose what type of communications they want to see.

And then if they are opted in, they’re gonna get the same autoresponder email. Thanks for downloading the ebook. Here it is. Um, here’s your link. But we’re gonna change that dynamic content section to include manage preferences. So we’re gonna say, hey. You’re already subscribed. Um, you can manage your preferences here. And once again, that’s that granular opt in strategy because we are using a single opt in approach. We don’t have that granular opt in at the form level, but they can later manage their preferences through this, um, this workflow. And that’s gonna direct them to the preferences page. So some they’re already opted in, they’ve then know to choose.

Um, I’ve included a few resources on the screen, so I’m sure these slides will be available after the session. If you’re not sure if you’re using email lightning, lightning templates and you’re not sure how to use dynamic content within those templates, I’ve included a, um, session that I did at Hard Dream Inn, this is the last year, the year before that, talking about how to use dynamic content within those emails so you can follow that. And then also, preference page, there’s tons of documentation on how to set up your preference page if you have an idea. Alright.

So now that you’ve chosen a strategy, you have to set up the system, of course, to do this for you. So what does it require? Like I said, the preference page is a prerequisite. They didn’t cover it because it that could be a whole session in itself on how to set up your preferences page. So contact would be a great resource, um, if you’re not sure how to do that in house. But like I said, there’s tons of documentation online on that.

So we’re gonna add some new fields to account engagement and Salesforce. These fields should be replicated in Salesforce as well. So we’re gonna add a field called opted in along with an opt in date. We wanna record when that happened. We’re gonna use the default field opted out. That’s already in your system. We’re just gonna use that within these workflows. And then we’re gonna add a custom field opt out date for that history tracking. I like to also add a do not email field. Um, the difference between a do not email field and an opt out field is do not email is for internal use only, whereas an opt out should only ever be checked by the user. So that’s supposed to be, um, user driven. And if you need to modify a contact manually or leader contact, you can use your GMAT email field. And then, um, whatever whatever subscriptions you’re gonna have on that preference page, you’re gonna wanna have a checkbox for each of those subscriptions. So those are the samples I used for, and you’d wanna add fields in Pardot and Salesforce for that.

So the fields are the first step, but the automations are actually what’s gonna make this happen on the back end for you. Right? Because once you have the fields, you now need to collect the data. So, obviously, you’re gonna map that opt in field to your form, but the opt in date field is gonna be automated. So the first two in the sheet, which we’re not gonna read through, you can definitely get these details out of the back and plug these into your system. Um, I’ve included the criteria on the right to make it easy for you to set these up in account engagement. The first two in white, um, often date stamping and opt out date stamping are simply to record the date and when that happened. So that’s gonna be your history. You can record the date multiple times. So each time somebody opts in, you can have that password run through that automation again if you choose and update that date or you can record the first one. Um, same with opt out. And then these, um, Kerbal automations that, um, are for opt out clearing and opt in clearing, and those are optional. But I do wanna know that these must be completed in Salesforce closed, so you’re probably gonna need to work with the Salesforce administer administrator to complete these. And this is just, um, going to be a way to check if someone is opted in and opted out at the same time. It’s gonna take a look at the date fields to determine which one is more recent. So that’s essentially what it’s gonna do. If you’re not gonna use these automations, then you’re gonna need to create dynamic lists in account engagement and, um, have somebody manually checking those probably once a week, once a month at the latest, and you’re gonna wanna make sure you’re not accidentally emailing contacts who have recently opted up.

Um, so we’re gonna run through the form setup. So this is exactly how you’d set it up in an account engagement. Um, there’s the most important here is that there’s no label. Zero label, pull in your opt in field. It’s a checkbox. And then it’s very important that you have these two settings on the advanced settings checked. The always display if previously completed and the do not pre fill. That’s going to allow the opt in checkbox to be available on every form regardless if they’ve already filled it up. And, of course, you know not to previously check it. And then this is the value section. This is where you’re gonna add, essentially, the label. So this is where you’re gonna set it to true. Right? Because if they check that box, that’s a true value, meaning they are opted in. And this is where you’re gonna put that opt in language and this is where your character limit comes in. So this is where that 255 character limit happens, but you can link. You just have to put inline HTML in order to hyperlink inside this box, but it’s it’s also. Alright.

So let’s talk about the email program. So now you’ve set up you you determine your strategy. You set up your strategy on the back end. Now you need to run an email program to opt in previous contacts, um, and leads before you had the opt in strategy one. So if you’re like us, you’re gonna have a database that needs lead. So the objective of this is to opt in any existing prospects in your database, and there’s a couple of best practices I wanna highlight. First, you’re gonna wanna establish a timeline for your project. How long are you going to give them to opt in? I recommend anywhere from three to six months. You’re gonna wanna send multiple reminders. Um, one email probably isn’t enough. Anywhere from three to five will be sufficient. And you’re gonna wanna set a clear cutoff date. So this is super important. You’re saying that by x date, so let’s say it’s by the end of the year, let’s say you’re gonna run it all of q four by December 31. Anyone who is not opted in, we will no longer communicate to them unless they are. So after that call update, you can give your team a short grace period, one to two weeks. You You might have some stragglers, so there might be some data cleaning you need to do in that time period. But honoring that code update is gonna be important.

So this is, um, a screenshot of our email program that, um, for the opt in strategy for existing database. We split ours into two programs. We split it into what we call current subscribers. So we do have some subscriber information from a legacy system that we wanna, um, that we segmented and then people who have absolutely no legacy subscription information. So we split those two groups. You can do it however you see fit. You might split customers and non customers, um, or industry. You might have many different segments. We chose the four email program. We ran the program for six months, and we included branching logic. So this is the key to the program, is you’re gonna want branching logic to then go look if they opted in or not. Right? Because if they have opted in, you don’t wanna send the next emails to say, please opt in. So we use the, uh, custom redirect click with the wait set of three days to look at that before every email sent, and we’ll talk about that custom redirect.

So here on the right is a sample of an email that we sent, and we have a button that says confirm subscription. So that button is the customer direct. So I have that set up with the destination you’re out of the preferences page so they can go directly there and opt in plus choose what communications they want to see. The completion actions on this custom redirect are to change the opted in field to true and to change the opted in date to the submission date, which is the date of the click. Alright.

So I know we are running out of time, and I do wanna have time to take questions. So we’ll go through the managing compliance section briefly. So now you’ve ran the program and you let’s say you get exceeded that cut up date. We’ve we’re now into 2025. You ran you there’s the cutover period has happened. And now you have to manage the compliance. Right? So how are you gonna do that? So here’s some tips. One, I would recommend at the beginning of this process to assign a GDPR compliance champion or lead or multiple people to be a lead for this project. Those are the people that are gonna govern it. We govern this program after the fact too. Um, these people will be responsible for training the team regularly. Right? So there’s lots of marketing. Um, there might be more than one um, team member using account engagements. You’re gonna need to train your entire team. Also, limit the access. Right? Limit editing access on any compliance skills. Not everyone should have the ability to opt in and opt out people, um, prospects. So if you have the ability to limit that, I would. And on the Salesforce side, since these are gonna be synced over, you know, most likely your sales individuals don’t need to see these fields at all. And if they do, they definitely only need real access. So limit your permissions on your compliance fields. You’re gonna wanna audit the prospect data regularly. So, like I said, if you didn’t set up those automations, you’re gonna need to do that manually and look at that probably weekly at the at the least. And then, um, use a master exclusion list. So this is just a really good practice. You should pull everyone. You should communicate with them. Right? If they’re not if they’re opted out equals true, they’re on a master exclusion list. We don’t wanna communicate with them. Do not even email equals true. They’re added to that master exclusion list. And make sure that’s being used for all email sets. So you might wanna spot check some of your emails after you’ve enforced this, but make sure you’re spot checking to make sure individuals are using the master solution list. You’re not accidentally pulling in prospects they shouldn’t. And then, um, make sure you honor unsubscribe. Right? If they opt out, do not email them. Again, it’s just a bad practice and update your opt outs. If you get one that’s offline, like, David’s saying, please take me off your list. Make sure you go into your system right away and remove them. Manually opt them up. Alright.

So let’s wrap it up with a few takeaways and then we can move on to questions. So before launching your campaign, like I said, you wanna sign that lead and ensure that that person’s gonna be in charge of compliance and training. During that campaign, make sure you set up those automations to accurately track your opt ins and opt outs, and specifically those dates. And then after your campaign, make sure you are conducting regular audits and utilizing that master exclusion list to maintain accuracy. Well, that’s all I have for you guys today. I know that was packed. There’s lots you can talk about with this, um, so I just wanted to hit the the, uh, basics. So now I’m open to questions.

Speaker 0: Thanks so much, Hannah. Uh, that was very insightful session, and we do have a few minutes for q and a. Uh, we had some good engagement in the chat, and we do have a question from Michelle Crawford. Um, you had showed the form. I believe it was the granular form, uh, for opt in. And she had asked, is a text saying by filling out this form, you are opting in with no checkbox. Is that compliant, or is that considered compliant? If you’re just kinda, like, showing the text to say that by checking this or filling out this form, you are opting in.

Speaker 1: So I would, um, I would use that with caution. I will say in that scenario, we only use that in one scenario. So we do have our, um, we have a subscribe form on right next to our blogs, and that’s actually where we use that scenario. So and that’s where the language at the bottom. So they fill that form in, which very clearly states, you know, subscribe to ArcherPoint blogs or news. If they filled out, we are considering that an opt in, but that’s the only scenario we’re using that. But it’s because it’s very clear on that form. But I would use that with caution and I would not probably use that as your primary form strategy.

Speaker 0: Perfect. Thank you. Um, another question that came through is from Erica Hoff. We have a lot of prospects on our list that are operational emails only. They may have been flagged by sales, um, or outdated information. Have you run opt in to those groups?

Speaker 1: So we actually, um, we’re in the process of cleaning this up again, but, um, yes. So I would run to your entire database, um, because unless you’re confident your data is accurate and that whatever is in your do not email and things like that, if you feel that’s accurate, then I would, um, leverage that. But if you feel like you need to clean it up, which is what we were doing because we were coming from a legacy system, we came from a different system on to Pardot. Um, so that’s why we decided to run our whole database through this process.

Speaker 0: Perfect. And getting a lot more q and a as we’re kinda going through, so that’s great. And Erica says thank you. Um, Yu says, if a prospect did not accept cookies but submitted a form when they click the custom re redirect and the CTA button in the email that you had showed, will the completion actions be triggered?

Speaker 1: So, yeah, I think the answer to this is yes if I’m hearing it correctly. The custom redirect is entirely separate from the cookies. Uh, so if they click through on their custom redirect, they’ll be opted in regardless if they accept, like, your cookies on the website. I hope I got my question right. If it’s a different question, uh, feel free to spell something else in the chat.

Speaker 0: Yeah. So I think with, like, um, customer redirects, usually, like, the completion actions that do trigger, they would have to be before, I believe, cookie, but we can kinda get back to them on that one. But, yeah, no. It was a great question, Yu. Thank you so much. Any other questions have come through? I know, uh, one thing I wanted to ask is, um, so other than for double opt and other than being, you know, GDPR compliant or more safe in that sense, Um, there was some comments in the chat about, you know, there are additional benefits because there are people who actually wanna hear from you. Right? Do you see any other benefits of the double opt in?

Speaker 1: Yeah. I think one, it confirms you have a legitimate email address. Right? So it immediately bleeds out the junk. So that is a major bonus of that strategy because you’re gonna get a bounce back immediately and you can kill them from your database and your regular kind of cleaning exercises. Um, so I think that’s really important because you hate for sales or someone else to be trying to reach out to them or a BDR and then not be a real email address. Um, so I think that and then also yeah. I think it just if they have clicked twice or if they have gone through this process, they definitely wanna hear from you so you have a more engaged audience. I think that that’s actually the benefit of opt in in general is, um, even though it’s gonna limit how many prospects you can communicate with, you are going to have higher engagement rates because those people actually want your

Speaker 0: Definitely. Yep. Those email metrics will definitely improve there. Awesome.

Speaker 1: Okay.

Speaker 0: Yes, Katie. That’s the goal. We have to get through the noise, gotta reach out to the audience who wanna hear from us and improve those engagement.

Speaker 1: Yeah. You’re not doing yourself any favors, just blasting out emails to people that don’t wanna hear from you. So 100%. Awesome. Well, thank

Speaker 0: you so much. I’m glad we got through a bunch of q and a’s and really appreciate, uh, your time today. So thank you, Hannah, for that. Um, if you have any other questions, you can reach out to Hannah, uh, through the event chat. But this concludes today’s session. Um, so thanks for joining us, and special shout out to our sponsors for their support. Without them, our agreement would not be possible. Um, head over to the agenda and check out other sessions you’d like to join. And after this, you’ll just gonna get routed to the next session. So I’ll see you see you in the other sessions.

Speaker 1: Have a

Speaker 0: good day.

Speaker 1: Thank you so much, everyone.

Speaker 0: Thanks, Anna.

Speaker 1: Bye. Bye.