Comment by EGreg
13 hours ago
I have done the opposite We had a million people enter their email over the last decade We haven’t messaged a single one.
Now we plan to start sending out a newsletter. For many, they may have forgotten downloading the app, but they might still appreciate it. If not - they can u subscribe.
Don't do that, it will be disastrous for you.
Instead, send them a politely worded one-time announcement with an invitation to subscribe. Clearly mention that if they don't, this is the last mail they'll get from you, and keep that promise by deleting their address. You'll still get some pushback, but I think most people would find that acceptable.
At least with your suggestions there's some chance that their newsletter won't instantly get flagged as spam.
I'd do what you suggest, but send the newsletter from an separate domain once subscriptions have been confirmed.
That one-time announcement is called an email. And therefore that first announcement itself can be flagged as spam.
And naturally, unless they click a link in the first email, gmail should consider anything subsequent to be spam anyway. They have no idea whether consent happened somewhere else or not.
The unsubscribe links must work without even opening the email, according to gmail rules.
5 replies →
> over the last decade
Be aware that under various regulations, you're potentially already at risk of accusation in terms of unwarranted data retention. If you haven't got a good reason to have kept those email addresses, something like the GDPR might not interpret that favourably. While the GDPR doesn't specify actual time limits, they are expected to be proportionate. Financial records are generally 7 years unless otherwise legally required, so for a decade, you would be saying that these email addresses are more critical/valid than that. That may be the case, I don't know your business, but be careful if you don't want some very awkward questions asked. Just the hassle of having to deal with complaints you might get (and various regulators would take notice of 1 million instances) is likely to be more than it's worth for most.
The suggestion downthread to send a very clear "we still have your address, would you like to opt in to this newsletter, otherwise we'll remove it" is not a bad one, but even then, some people will object to you still having it at all.
People originally opted in and provided it expecting to get a newsletter on how to use the app. We never seemed to have the bandwidth to create a good enough one, so we never sent it. We kept improving the app until it became very good and still never sent the emails. But retained the addresses, so that one day we could tell people the app has improved, to give it a try, include animated GIFs of it in action and gradually educate them on ways to use it. For that I get chastizement on HN, figures.
Yes, there is a clearly valid business purpose under GDPR for retaining the email addresses of users who want to learn how to use your app better and opted in. If you plan to send a newsletter out.
Other than those voluntarily entered emails (which aren’t even linked to the user), we haven’t retained literally any information about our users, despite having millions of users download and use the app over a decade. Which is far beyond pretty much any social app I know. But almost no one actually cares.
> For that I get chastizement on HN, figures.
I really wasn't trying to chastize, honestly it was intended as a friendly dollop of advice as someone who's dealt with this kind of thing. But since you have replied, I would say:
> Yes, there is a clearly valid business purpose under GDPR for retaining the email addresses of users who want to learn how to use your app better and opted in.
Relevance is likely to be seen as contextual. Someone wishing to do something a full decade ago is not likely to be seen as sufficient evidence to justify contacting them now in case they still wish to. That's a big chunk of the point about time-limiting data retention - the data gets less relevant and more problematic over time. I get that you're not trying to colour outside the lines here, but from the perspective of your users, and anyone looking at their potential complaints from a regulatory perspective, the window in which they reasonably consented to contact has closed (and probably some time ago).
The regulations are there, ostensibly, to protect consumers. They will be interpreted in that light. I can almost guarantee that if you sent an email to your downloader base 10 years after they last heard from you, being ignored will be the best case, and the worst will be reports to local regulators.
1 reply →
Oh my God don't do that
So you’re retrospectively assuming consent? Gross.
No, the consent was given, recorded, and never acted upon. It had no expiration date. Many of those people are still using the app today.
> It had no expiration date
- non-legally speaking, consent for anything is never illimited in time. So whatever the law says, you're probably doing a dick move, I'm sure you can conceive that most people you're going to email would rather not get this email and you're planning to do it anyway. So if you act against these people's interest, don't be surprised if they react negatively (reporting the email as spam, complaining, reporting you to authorities)
- legally speaking... IANAL, but I don't think that you're correct that you have a legal basis to have kept this data, and even less to use it for marketing purposes. I don't think that you'd win the argument that the consent is still "informed" after many years of not hearing from you. If a reasonable person would no longer expect to hear from this company, then I don't think you still have consent under GDPR (could be wrong, IANAL)
1 reply →
Complete assumption on your part.
It was a question with an assumed answer which I think is pretty likely. It wasn’t presented as fact.
I think at this point it’s pretty reasonable to assume the worst of email marketers, and I don’t care if you think otherwise :)
1 reply →
My reaction would be to report spam with a vengeance