Liberal Democrats

GDPR Re-Consent Guidance

Lib Dem held non-member email addresses post 25th May

With new laws coming into forcing in late May, many of the email addresses the party currently has can continue to be used. However, some cannot be used unless we get consent before the legal deadline. This document sets out what you can do in order to ensure the number of email addresses in your area which become unusable is kept to the smallest number possible.

This document applies to non-member email addresses held by the Liberal Democrats. The email addresses of members are subject to different rules and do not require any reconsenting or actions at this stage.

Email addresses collected by the Liberal Democrats comply with existing laws. Post 25th May, laws governing use of electronic communications (PECR and GDPR) will be tightened.

To ensure we comply with these rules, we are introducing a new email retention policy and will be taking steps to remove non-compliant email addresses from our systems. A new GDPR compliant Fair Processing Notice and Privacy Policy is being introduced covering the collection and use of all future email addresses.

Existing Liberal Democrat non-member email addresses will be treated as having consent collected pursuant to DPA standard prior to May 2018 providing the following criteria are met:

1.They have not unsubscribed from receiving emails.

AND

2.They engaged with an email by either opening or clicking a link in an email during the last 12 months OR

3.We can prove a GDPR compliant consent has been granted OR

4.They have made a donation of £500 or more in the last 5 years.

For any subscribed email addresses that do not meet these criteria, a reconsent campaign to completed by 25th May will be necessary using GDPR compliant consent wording.

Dead email addresses, unsubscribed email addresses and email addresses that do not meet the criteria laid down above will be removed from our systems post 25th May.

A new Email Best Practice Guide to help staff and members understand and follow the rules will be produced and circulated. Training based on this guide will be rolled out across the party to ensure legal practices are followed.


Email reconsent programme

The reconsent campaign applies to email addresses that;

  1. Have subscribed to receive communications
  2. Have not engaged in the last 12 months
  3. We cannot prove GDPR compliant consent for

Where an email address has opted-out of receiving our communications, this must be respected. We cannot contact them regarding reconsent.

For those email addresses that the Federal Party has permission to email, the Federal Party will carry out the reconsent programme. For addresses that are strictly for local use, local parties need to carry out the programme.

This programme will begin immediately after the local elections on 3rd May. We will aim to reach people at six times before the 25th May deadline. Templates materials have been provided at: 

What local parties need to do will depend on the email system they use. See details below (areas where local parties will need to act are highlighted):

Connect

Email addresses in Connect, that are not in a bulk email platform such as Mailchimp, NationBuilder or Prater Raines, can be kept where there is evidence of consent to GDPR standards.

Otherwise, if they meet the criteria of the reconsent campaign, i.e., they have engaged with an email in the last year, etc., then they can be treated in the same way as email address in bulk platforms.

Email addresses without clear evidence of consent, and who have not been contacted, should not be included in the reconsent campaign.

Once the reconsent campaign is completed, data in Connect will be refreshed with email addresses that have either engaged, or have been reconsented.

Salesforce

Under no circumstance should you reconsent email addresses in Salesforce. All emails addresses that sit in Salesforce either belong to Party members or to individuals who have contacted the Party with an opertational query/complaint. 

For the former we do not need to reconsent members, and for the latter we have no grounds to contact them.

Who doesn't need reconsenting?

In addition to those matching the key criteria, there is also a short list of groups where at this time we don't need to seek reconsent. Such might change later in the year when new legislation around Electronic comms comes into force;

  • Press contacts
  • Commercial contacts
  • Party member

What to do with Emails we don't get consent to use

Email addresses not consented should be marked as not consented / do not contact from May 26th. Consents received after that date can continue to be processed and those email addresses then marked as opted in / can email.

Email addresses not consented should be kept in line with our data retention policy, and therefore deleted in 1 year, on May 25th 2019.

Sign up or log in using: or

Join us today

Britain needs Liberal voices. Add yours to ours and be part of what comes next:

Meet our MPs

Your Liberal Democrat MPs