My Mailing List is GDPR Compliant – How About You?

The European Union’s new privacy rules, the GDPR, takes effect next Saturday.

The new regulation requires, among its many measures, that every website publish a privacy policy detailing how they use the data they collect from customers and visitors. We also have to sanitize our mailing lists by confirming that we actually had people’s permission to send emails.

There’s obviously more to GDPR than that, and I will go into it in detail in the newsletter I am sending on Monday. This post is less about the new rules than  about our experiences with compliance.

I’d like to hear about the problems you encountered. For example, how many email addresses are you going to have to remove from your mailing list?

After a careful check, I found that I have exactly 24 emails (out of thousands of subscribers) where I hadn’t made it clear that people were signing up for a mailing list.  Those two dozen emails were given to me in exchange for a free ebook, which means I have to get their permission before sending them another email.

Have you encountered problems complying with the new rules?

If you share your story below, maybe we can help.


Nate Hoffelder

View posts by Nate Hoffelder
Nate Hoffelder is the founder and editor of The Digital Reader. He has been blogging about indie authors since 2010 while learning new tech skills weekly. He fixes author sites, and shares what he learns on The Digital Reader's blog. In his spare time, he fosters dogs for A Forever Home, a local rescue group.


  1. Fahirsch19 May, 2018

    But if your site is not hosted in the European Union, do you have to comply with the GDPR?

    1. Nate Hoffelder19 May, 2018

      From what everyone has told me – yes.

    2. Krzysztof Zemczak20 May, 2018

      Yes. Or you just ban your european visitors. But it doesn’t sound like a good idea 😉

  2. Allen F20 May, 2018

    And if their email address is your only link to those 24, how are you going to ask them permission to email them if not by email? (me loves catch 22 thingies … 😉 )

    1. Nate Hoffelder20 May, 2018

      I thought that was going to be a problem, but the new rule doesn’t go into effect until next Saturday, so I can send all the emails I want.

      1. Hannah Steenbock22 May, 2018

        Yup, time to do it before that. Or just drop those 24 subscribers and hope they’ll come back eventually.

        1. Nate Hoffelder22 May, 2018

          I took care of it this morning – most were dropped.

  3. Darryl21 May, 2018

    It is doubtful that the EU can enforce this outside the EU if you have no property or presence in that Nanny State. The problem is, of course, that if you don’t follow it and are on their radar and you happen to visit Europe, don’t bargain on coming home too soon. And, of course, if you have happen to have any money in that Nanny State that can be seized to pay fines …… But on the bright side, before long you will be able to still visit the UK!

    1. Nate Hoffelder21 May, 2018

      You’re probably right, but I also have to work with people in the EU. If I follow the rules then it will be easier for me to help them do so.

    2. webbasan22 May, 2018

      Don’t forget that it goes also in the other direction: You also have to be compliant to US rules if you don’t sit in the US – “or else…” 😉

      So be careful with that “Nanny State” – it might backfire… 😉

      Many rules may look “insane” at first glance from an outside view, but in this case this ruling is something that many citizens fought for for years and beaten up their parliament representatives to vote for it… 😉

  4. Hannah Steenbock22 May, 2018

    I’m working on it (and trying not to scream).

    My newsletter list is minuscule, and I’ve always used double opt-in with it, so I don’t have any problems there. Worse is the privacy policy statement, because my website is bilingual. I’ll dig around for some templates…

    1. Nate Hoffelder22 May, 2018

      TBH my privacy policy is copy-pasted from the same boilerplate used on a few million sites. I then added a few bits recommended by the policy generator in WP, and called it good.

  5. fahirsch22 May, 2018

    Do you know of a WordPress plugin to delete commenters email addresses?

    1. Nate Hoffelder22 May, 2018

      Not off the top of my head, but I bet there is one. Check the GDPR compliance plugins.

  6. […] I brought my mailing list into compliance with the GDPR, I identified 24 subscribers that I needed to ask permission to continue sending them emails. Only 9 granted that permission, […]


Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Scroll to top