
My Mailing List is GDPR Compliant – How About You?

The European Union’s new privacy rules, the GDPR, take effect next Saturday.

The new regulation requires, among its many measures, that every website publish a privacy policy detailing how they use the data they collect from customers and visitors. We also have to sanitize our mailing lists by confirming that we actually had people’s permission to send emails.

There’s obviously more to GDPR than that, and I will go into it in detail in the newsletter I am sending on Monday. This post is less about the new rules than about our experiences with compliance.

I’d like to hear about the problems you encountered. For example, how many email addresses are you going to have to remove from your mailing list?

After a careful check, I found that I have exactly 24 emails (out of thousands of subscribers) where I hadn’t made it clear that people were signing up for a mailing list. Those two dozen emails were given to me in exchange for a free ebook, which means I have to get their permission before sending them another email.

Have you encountered problems complying with the new rules?

If you share your story below, maybe we can help.


Fahirsch May 19, 2018 at 10:53 pm

But if your site is not hosted in the European Union, do you have to comply with the GDPR?

Nate Hoffelder May 19, 2018 at 11:07 pm

From what everyone has told me – yes.

Krzysztof Zemczak May 20, 2018 at 4:38 pm

Yes. Or you just ban your European visitors. But it doesn’t sound like a good idea 😉

Allen F May 20, 2018 at 5:15 pm

And if their email address is your only link to those 24, how are you going to ask them permission to email them if not by email? (me loves catch 22 thingies … 😉 )

Nate Hoffelder May 20, 2018 at 6:39 pm

I thought that was going to be a problem, but the new rule doesn’t go into effect until next Saturday, so I can send all the emails I want.

Hannah Steenbock May 22, 2018 at 5:57 am

Yup, time to do it before that. Or just drop those 24 subscribers and hope they’ll come back eventually.

Nate Hoffelder May 22, 2018 at 10:04 am

I took care of it this morning – most were dropped.

Darryl May 21, 2018 at 12:50 am

It is doubtful that the EU can enforce this outside the EU if you have no property or presence in that Nanny State. The problem is, of course, that if you don’t follow it and are on their radar and you happen to visit Europe, don’t bargain on coming home too soon. And, of course, if you happen to have any money in that Nanny State that can be seized to pay fines …… But on the bright side, before long you will be able to still visit the UK!

Nate Hoffelder May 21, 2018 at 12:50 pm

You’re probably right, but I also have to work with people in the EU. If I follow the rules then it will be easier for me to help them do so.

webbasan May 22, 2018 at 5:00 am

Don’t forget that it goes also in the other direction: You also have to be compliant to US rules if you don’t sit in the US – "or else…" 😉

So be careful with that "Nanny State" – it might backfire… 😉

Many rules may look "insane" at first glance from an outside view, but in this case this ruling is something that many citizens fought for for years and beaten up their parliament representatives to vote for it… 😉

Hannah Steenbock May 22, 2018 at 5:55 am

I’m working on it (and trying not to scream).

My newsletter list is minuscule, and I’ve always used double opt-in with it, so I don’t have any problems there. Worse is the privacy policy statement, because my website is bilingual. I’ll dig around for some templates…

Nate Hoffelder May 22, 2018 at 8:48 am

TBH my privacy policy is copy-pasted from the same boilerplate used on a few million sites. I then added a few bits recommended by the policy generator in WP, and called it good.

fahirsch May 22, 2018 at 10:15 am

Do you know of a WordPress plugin to delete commenters’ email addresses?

Nate Hoffelder May 22, 2018 at 10:23 am

Not off the top of my head, but I bet there is one. Check the GDPR compliance plugins.

How to Clean Up Your Mailing List (& Why You Shouldn't) | Nate Hoffelder August 11, 2020 at 3:34 pm

[…] I brought my mailing list into compliance with the GDPR, I identified 24 subscribers that I needed to ask permission to continue sending them emails. Only 9 granted that permission, […]
