Sorted for E-Receipts & Wizzy Recommended Practices (with apologies to Jarvis Cocker!)
28 Oct 2016
Brands are increasingly offering customers the opportunity to obtain an e-receipt at point of sale. Although ostensibly providing an electronic record of the transaction, some may believe this also satisfies soft opt-in requirements, meaning the brand automatically obtains consent to send marketing emails to these customers.
The Privacy and Electronic Communications Regulations (PECR), the primary legislation governing email marketing in the UK, has the following on soft opt-in:
You may send or instigate the sending of electronic mail for marketing purposes to an individual subscriber where:
- you have obtained the contact details of the recipient in the course of a sale or negotiations for the sale of a product or service to that recipient;
- the direct marketing material you are sending relates to your similar products and services only; and
- The recipient was given a simple means of refusing . . . the use of their contact details for marketing purposes when those details were initially collected and, if they did not refuse the use of those details, at the time of each subsequent communication.
Assuming that acquiring a customer’s email address for an e-receipt satisfies the requirements for soft opt-in would be incorrect:
- Brands must still tell customers signing up for e-receipts that they are also signing up for direct marketing, and provide them with an opportunity to opt out.
- Also, consumers who do not unsubscribe from marketing messages have not consented to receive marketing messages. They have only said that for the time being they do not object to receiving such messages
When the General Data Protection Regulations (GDPR) comes into force in May 2018 brands will have to enable customers to sign up to e receipts without getting marketing. They will therefore require 2 versions of the e- receipt - one with marketing messages for customers who agree to get marketing messages and one without for those who do not.
Interestingly, GDPR does include the following clause: The processing of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest. It is our interpretation that the legitimate interest clause has nothing to do with soft opt in, and an excellent blog post on this topic by my fellow councillor Steve Henderson is worth reading.
But to be honest, customers themselves are likely to have a different view anyway. Most probably aren’t even aware of soft opt-in - the most recent DMA Email Tracking Report contained the following sobering findings:
Almost half of consumers (47%) sometimes wonder, “how brands got my email address”, with a third (35%) often or always wondering this. This represents 83% of the total, with a minority (17%) rarely or never wondering. At some point, 96% of consumers have wondered how a brand got hold of their email address. This is not a good message for the industry.
If consumers don’t believe they have provided consent to receive marketing emails (see above), they are more likely to respond negatively when it happens. Increased spam complaint and deleted unread activity sends out a strong negative signal to Mailbox Providers like Microsoft and Gmail, and ultimately impacts on program performance.
This is reinforced by Yocuda, a leading provider of e-receipts technology:
It is very important for the interest of both your customer and email deliverability that e-receipt and marketing opt-ins are kept separate. As we’d hope, Yocuda recommends not adding e-receipt opt-ins to your marketing database without actively asking the customer if they wish to opt-in to marketing messages. If you want to grow your marketing list, you should follow recommended practices and train your staff to follow up with something like “By the way, we send weekly updates and promotions via email – would you like to sign-up?”
So maybe – even when consent is implied by soft opt-in – recommended practice should still be to request it explicitly. GDPR does not amend the provisions of PECR, but the shift towards a requirement for explicit consent makes this even more important. While there is no formal definition for explicit consent, email program owners should ensure that consent is freely given, specific, informed and unambiguous.
The DMA’s Email Council discussed this topic in the context of e-receipts, and we agreed on the following 10 recommendations:
- Ensure the person collecting email addresses has a clear process to follow. This could be something like “would you like to receive marketing emails as well as your receipt?”, and then recording the response as part of the data capture process.
This example from Gap clearly illustrates the data capture screen developed for this purpose, and some of the questions till operators should ask:
- Ensure the transaction environment also conveys this message. Halfords customers are clearly informed “we will keep you up to date with our fantastic offers“
Remember that customers must be able to see this before they reach the tills, which may not always be the case in a busy retail environment
- Especially because data capture is a manual process, use some form of email address validation. Not only may the address be entered, incorrectly – it could actually be some else’s valid address, which will definitely cause a negative response! This example from Groupon provides an illustration of how this technology works.
- Implement a confirmed opt-in process. New subscribers are informed their addresses will be used for email marketing, and they should click to activate their registration if they are happy with this. This wouldn’t necessarily happen in store, but would act as an additional safety check to ensure customers don’t start receiving marketing emails they didn’t intend.
- When the e-receipt is sent, include a message explaining the address owner has also been opted-in to receive email marketing. This should include:
- An explanation of how he/she will benefit.
- A clear statement about what will be received, and how often.
- Provision of choices about content and frequency.
- A simple means of opting out.
Moving forward the information provisions required under the GDPR will also have to be included in this email message. See the Information Commissioner’s Office’s (ICO) Preparing for the General Data Protection Regulation document for more on this.
- The same applies to the email marketing program. The first message/s should be a welcome email/series, whose function should incorporate the points listed above. The same comment about GDPR information provisions in point 5 is also applicable here.
- Senders can also use e-receipts to obtain consent to receive marketing emails. Argos recipients are invited to sign-up at this point.
- E-receipts themselves can contain some marketing content, but always bear the primary purpose of the email in mind. Have the transaction details on top and marketing content at the bottom, and ensure the receipt vs marketing content has a fair balance.
DMA legal opinion is that this may change in future as GDPR requirements are enforced. Although the ICO has tolerated this in the past, the new focus on customer control means they may no longer do so in future.
- Be particularly careful if the relationship between transaction and consent is unclear to the email address owner. We heard from one email council member who had used website X to purchase product Y, and then started to receive marketing emails from the latter. This approach is not permitted under the soft opt-in exemption
- Finally, continue reminding subscribers how they came to be members of the email program. A message in the email footer like “you are receiving these emails because you provided your address as part of a purchase transaction with us on [Date]” reinforces the fact that the consumer agreed to receive marketing emails.
Want to learn more about e-receipts? Have a look at this great series on the topic published earlier this year: