If you’re like me, over the past week or so, you’ve received an absolute ton of e-mails from companies asking you to opt-in to receive their newsletters or to remind you of their privacy policy.

On Friday, May 25, GDPR went into full effect — a regulation made to protect European citizens’ data privacy.

If you’re solely a US-based business, with absolutely no interaction with European customers, you don’t have anything to worry about. But if you have even one European customer — whether they just receive your e-mail newsletters or are a paying customer — you should make sure to get on top of GDPR if you haven’t already.

Privacy Policy and Receiving Consent

One of the first things you’ll want to do is to create a privacy policy on your website. Even if you’re not affected by GDPR, this is still a good idea, as it ensures your customers that you’re not doing things like selling their personal data.

Under GDPR, you must be clear about why you are collecting personal data. This should be explicitly mentioned in your privacy policy.

Finally, you should also make it clear that your customers are giving consent. For example, if you have an e-mail newsletter form on your website, you should now have a checkbox that reads something like “By signing up you agree to have your e-mail address stored for customer communication.” For your contact form, you should write something similar.

Your consent messages don’t have to be stingy — feel free to have a little fun with them if it suits your personality.

Using Platforms That Are Compliant

One of the easiest things that will help you is to choose platforms that are already GDPR compliant. For instance, some WordPress themes like Jupiter will default to including a consent message on every form. CRM solution StudioNinja (here’s how they can help you be compliant) and e-mail marketing company MailChimp are already on top of things.

Using platforms that are fully compliant will also help in tracking your customers, finding out how they subscribed or where they came from. It’ll also help if customers need to remove some or all of their data for any reason.

Do I Need to E-Mail My Subscribers and Have Them Opt-In?

Despite receiving countless e-mails asking to do so, this actually isn’t required. The biggest reason — you already have consent. Your subscribers entered their e-mail address and clicked “Subscribe” on your newsletter signup form. If this isn’t how you captured their data though, it’s best to be safe and send out an e-mail to them.

If you had people sign up for an e-mail list by prompting them to “receive a free eBook,” and you didn’t warn them about any other marketing e-mails that would be sent to them, this is another reason to reach out and have them opt-in again.


There’s a lot more to GDPR, which you can read up on the GDPR Portal website. But long story short, there’s not much you have to worry about. Make it clear that your customers will receive e-mails from you, that you’re not selling their data, and you should be good to go.


For more on Photography Marketing, see our weekly column.