How to send B2B cold emails in a post GDPR world

Follow these 5 principles to send cold B2B emails and stay in line with the General Data Protection Regulation 

History is full of dates that mark a turning point for the people that make up the world. For some, it was the fall of the Berlin wall. Others, the date that marked independence. For many marketers, that date was May 25th, 2018.

The GDPR came into effect on May 25th, 2018. It promised to put an end to spammy digital marketing practices with a staunch position on the protection of individual privacy rights. Marketers who found themselves on the wrong side of the Email Marketing and GDPR regulations could face intense fines of up to 20 million Euros. Many digital marketers saw this as the death knell of email marketing and cold outreach, and some still avoid cold emailing for fear of breaching GDPR.

However, we’re here to report that the death certificate of cold emailing was grossly exaggerated. Cold emailing is, in fact, alive and well - at least in the B2B email marketing sphere. To be more precise, email marketers simply need to follow five principles to send cold B2B emails in a GDPR-compliant manner.

This blog post will guide you through these five principles you need to adhere to in order to send cold emails while staying compliant with Email Marketing and GDPR.

5 Principles to Send Cold B2B Emails Under GDPR

1. Always choose the right prospect and collect only necessary data.
2. Always explain your reason for contact and data processing.
3. Always provide an easy and quick way to unsubscribe (opt-out).
4. Always maintain and regularly clean your database.
5. Always have an answer to complaints and questions regarding GDPR.

1 - Always Choose the Right Prospect and Data

• Adequacy: Only collect and process necessary data. For instance, if you don’t intend to call your leads, don’t ask for their phone number.
• Relevance: Reach out only to prospects who are likely to be interested in your offering. If recipients are surprised to hear from you, your targeting may not be GDPR-compliant.

Your B2B email marketing should always be personalized, relevant, and value-driven.

2 - Always Explain Your Reason for Contacting and Processing Data

1. Consent - The prospect has given explicit permission.
2. Contract - A contract obligates data processing.
3. Legal Obligation - The law requires data processing.
4. Vital Interest - Processing is necessary for protection.
5. Public Interest - Processing benefits the public.
6. Legitimate Interest - There is a mutual benefit to both parties.

For email marketing and GDPR compliance, legitimate interest is often the most relevant justification for cold B2B emails. However, it must be demonstrable and relevant.

Include key information in your cold email:

• A statement informing the recipient how their data was processed.
• A concise explanation of why you’re contacting them.
• Clear instructions for updating or removing their data from your database.

3 - Always provide an easy way to unsubscribe / Opt-out

The GDPR nearly enshrines a prospect’s right to erasure - that is, their inalienable right to demand you erase their information and never contact them again. In terms of marketing lingo, we have to always provide and notify our prospects of a straightforward and quick way to opt-out.

The simplest way to do this is to include an unsubscribe link at the bottom of your email. Another way is to simply outline how prospects can unsubscribe directly with a statement in an email footer such as “If you don’t want to hear from us again, just reply ‘No thanks’ and we’ll never contact you again.”

No matter how you go about it, your opt-out strategy should always be:

• Clear - do not be vague.
• Easy to follow - at most it should be two steps to unsubscribe.
• Enforced - you have to take requests seriously and delete their data immediately.

4 - Always maintain your database

In addition to removing prospects that have opted out or unsubscribed, the GDPR states that marketers cannot retain information for months of inactive or inaccurate contacts. You must therefore regularly audit your CRM database and contact lists and send out re-engagement emails where necessary.

It’s also important to secure your database and take all the necessary steps to keep your processes and systems safe. Physical access control, system access controls, data access controls, transmission controls, input controls, data backups and data segregation will go a long way to prove that you have not been negligent with your prospect data.

5 - Always have an answer to complaints and questions

People can be very protective and sensitive about their data - and for good reason. You’re more than likely to encounter your fair share of unfriendly responses and hostile reactions whenever you cold email prospects - that’s just part of the game.

Some of the questions or comments you will encounter are below. We’ve included a canned response to each to help inspire you to create your own responses.

What gives you the right to email me?

If you’ve followed our previous principles, you should be well within your rights (as far as the GDPR is concerned) to contact the person in question. However, you must remember that you are still dealing with a person and your communications may contain their name, making it personal. A good response to this is to highlight the legitimate interest angle:

“We collected and processed your contact information on the basis of legitimate interest. Given how our offering has been beneficial to companies like yours in the past, I believed our offer could benefit you.”

Where did you get my information from?

This is another common response that can be easily dealt with by noting public or openly available information, such as websites, online directories, LinkedIn or articles. Truthfully addressing the question is the best possible response:

“I found your email address on your company’s website that was linked from its LinkedIn profile. Your company fits our typical customer profile, so I wanted to get in touch.”

What information do you hold about me?

The GDPR expressly enforces peoples’ right to have complete control over their data and who has access to it. This means that if you are asked, you have to provide all the information you have collected and how it has been processed. An answer to this may include:

“We have your name, email address, company name and job title on record and nothing else. You are well within your rights to request that we delete this from our database if you are not interested in our services or wish us to do so. Your data is not being held in any other database or being resold, and we guarantee that we will delete it upon your request.”

Get to sending

Sending cold emails doesn’t have to leave you out in the cold in a post GDPR environment. In fact, cold emails are probably more effective now than ever with legitimate scammers, spammers and phishers being liable for intense fines. By following the 5 principles above, you can continue to cold email prospects and generate new business and revenue for your company. 

If generating new business and revenue for your company is one of your objectives, consider Demodia. 

Demodia has over a decade of digital marketing experience within Europe and abroad, and has created stellar marketing campaigns across industries. As a marketing consultant, Demodia has generated success through hard-won knowledge and experience in digital marketing. 

Contact Demodia today, and begin your journey towards more leads, more sales and more success.