What You Need To Know About the GDPR and Email List Marketing | WhoisXML API

Email Verification Blog &
How To Guides to Obtain Email Verification Data

Read the other articles

What You Need To Know About the GDPR and Email List Marketing

Posted on October 26, 2018

In the modern marketplace, business leaders must work hard to reach new customers and stay in touch with existing ones. Creating e-mail lists and verifying them is often a cost-effective and reliable way to boost marketing efforts. Of course, when executing a marketing program, no business owner wants to run afoul of the law. The General Data Protection Regulation is an important scheme to consider. With all the noise surrounding business, marketing and law, one may wonder how GDPR affects marketing and e-mail lists.

GDPR and email list marketing

What Is the GDPR?

It can’t be disputed that the world is becoming an increasingly digital place where individuals conducting business with organizations often provide their personal information. Sometimes, businesses acquire information from third parties without ever requesting it from actual consumers. As is known, individual information can be sensitive. Thus, consumers expect businesses to take steps to safeguard private data.

In 1995, the European Union passed the Data Protection Directive. While the directive created a framework for companies that correspond with consumers via e-mail, it didn't do much to deter misconduct. The GDPR changed that in 2012. If your organization does business inside the EU and buys e-mail marketing lists, you must comply with the GDPR because if you don't, you may face significant fines and other penalties.

How Does the GDPR Affect Email Lists and Marketing?

Businesses that use email lists for marketing efforts must comply with the GDPR, assuming they do business in the EU. Essentially, consumers must give consent for virtually everything involving their email addresses. When an organization collects e-mail information initially, it must be certain that those e-mail addresses are validated and that each consumer provides informed consent. While this seems basic, it does present some challenges for motivated marketers.


Educating consumers and obtaining consent is trickier than it sounds. Gone are the days when companies could hide policies in long blocks of legalese. The GDPR mandates that businesses must use clean and understandable language to inform consumers.

Incentive Drawings

When collecting e-mail addresses, businesses frequently use fishbowl-style drawings. This paradigm is common at both B2B events and trade shows. When attendees visit a booth, they drop their contact information into an incentive drawing. Marketers use this information to create lists that businesses can use to increase revenue and profit. With the GDPR, business leaders must rethink these drawings in a couple of ways. First, they must make all entrants eligible for prizes. More importantly, though, they must obtain informed consent prior to marketing to those who left behind their contact information.


Another important facet of the GDPR addresses unsubscribing from marketing emails. Businesses must provide consumers with a convenient and understandable option for leaving the list. Marketers must also be careful with passing on email lists. Any time organizations share contact information, they must inform their consumers and obtain specific consent. This is true even if the company is sharing email information with a subsidiary, parent or sibling organization.

Unsubscribing from an email list

Final Thoughts About the GDPR

Companies that run afoul of the GDPR face significant monetary penalties. They also often need legal representation throughout investigations. If your organization uses email lists as part of its marketing strategy, you must comply with the GDPR. Fortunately, once you understand the basic framework, you will be able to avoid fines.

Read the other articles
Try our Email Verification API for free
Get started
Have questions?

We are here to listen. For a quick response, please select your request type or check our Contact us page for more information. By submitting a request, you agree to our Terms of Service and Privacy Policy.

Or shoot us an email to