GDPR or “General Data Protection and Regulation” is basically a new piece of European Union legislation that is meant to protect the privacy of personal data and give EU data subjects greater control over their own personal information. To engage in business with anyone in the European Union, whether you are part of the EU / EEA or not now companies will need to follow strict guidelines concerning how they collect, use, and retain the data collected about their customers.

The basic summary of GDPR is that it protects consumers by introducing strict rules for companies that include how they can gather, process, and protect personal data. The GDPR covers all communications with data subjects like B2C & B2B however there are other regulations in force like the PECR which will be replaced soon by the ePrivacy Regulation and for the UK the Data Protection Bill when it gets passed and becomes law.

Increase Your ROI with Shared Inbox from

Some B2B companies have already committed a mistake by assuming that GDPR will not affect them. They are the f the opinion that since their dealings are with businesses and not direct consumers, they are not in any way handling personal data. The question that arises here is that if your company is not handling personal information, then should you disregard GDPR?

Wrong. Take into account the pieces of information that are important to your B2B campaigns which include email addresses, details about the decision-makers at the companies that you are targeting, etc. Some of the details you are planning to use in a B2B campaign cannot be termed as personal data. For example the firmographic information like the company’s industry, location, size, etc are basically information about a company and not a person. But business email addressesare still technically personal information as specified by GDPR.

The GDPR requirements are very crucial which B2B companies will need to be aware of and comply with once it is fully established where Personal Data is being used for direct marketing purposes.

The point here is that GDPR is not about cold emailing, not about businesses. It is about personal data protection.

However, sending business emails does mean processing personal data so there are some very important points you need to keep in mind when emailing in a post-GDPR environment.

How To Do Cold B2B Email Marketing Post-GDPR

With all the GDPR focus on personal data protection, you need to ensure that your email marketing campaigns to businesses remain in-line with the usual cold email marketing basic requirements, such as:

The key things you need to keep in mind when emailing in a post-GDPR environment are mentioned below in steps :

  • Step One: You Need To Ensure That Your Prospecting Is Properly Targeted and Appropriate.
  • Step Two: Express And Describe Legitimate Interest In Your Email Copy
  • Step Three: Make It Swift And Easy To Unsubscribe/Opt-Out
  • Step Four: Regularly Clean And Maintain Your Database
  • Step Five: Make A Proper Reply For GDPR Complaints And Questions

Step One: You Need To Ensure That Your Prospecting Is Properly Targeted and Appropriate :

 Lead generation, as well as prospecting, are the most important sourcing personal data to be used in sales campaigns. The GDPR doesn’t stop people from prospecting or collecting leads but it simply demands a greater level of care, safety and accuracy from the lead generators.

For Ensuring Adequacy>Collect Only That Information What You Need :

You should only collect data which very strictly required by you as the data administrator or data processor.

The best way to ensure you do this is not to ask for data if you are not planning to use it. So take a phone number only if you plan to call your prospect, take their home address only if you plan to send them something by post.

For Ensuring Relevance>Collect Only That Information Which Is Relevant :

To check that your targeting is accurate your prospect should never be left wondering why you have emailed. It should be very clear based on what you do and what they do.

Step Two: Explain Your Legitimate Interest In Your Email Copy :

 Effective targeting is very important and you should always care to follow through in your email copy to explain exactly why your offering is relevant and show the purpose of why you are reaching out.

Next step is to immediately jump to the reason why you think your recipient is a relevant person for you to be contacting and how you have then properly processed their data to make contact.

Using legitimate interest for processing personal data is considered legal only if your interest outweighs that individual’s right to privacy.

Following are some examples of reasons for Legitimate Interest:

  • Looking up the company’s LinkedIn profile or the company’s website to see if whatever you are offering would support their goals or not.
  • Check for recent investments to see if your offering supports growth.
  • Check to see if any of the past clients are in a similar industry or have a similar offering.
  • Check to see if the company is expanding into an area for your service and if your offering supports growth or not.

Step Three: Make It Quick And Easy To Unsubscribe or Opt-Out :

 If you are someone who is sending cold email campaigns then you need to inform your recipients how to exercise their right to restriction.

The ‘unsubscribe link’ which is at the bottom of your email is the easiest way to automate the process and ensure compliance all across your lists.

Step Four: Regularly Cleanse And Maintain Your Database :

 Apart from removing the people who have opted out or unsubscribed, the GDPR also ensures that you are not be holding onto leads for months on end or any inaccurate contact information.

For that purpose, it is very crucial that you must cleanse your CRM database regularly to get rid of inactive or unresponsive leads. You need to check that your contact records are up-to-date, appropriately labeled, and tagged your data in order to record how you have collected and processed the personal data. Additionally, ensuring the security of your data transmission is paramount, especially under GDPR. Employing a Virtual Private Network (VPN) can further safeguard your data management practices, protecting the information as it travels across the internet; click here to find out more about this.

Step Five: Prepare An Informative Reply For GDPR Complaints And Questions :

 If your targeting is accurate and your copy is respectful as well as very informative, then chances are bright that your offer may carry you through. However there are chances that a few cases prospects will lash out because whatever it may be cold emails are still cold emails, regardless of how relevant and appropriate they are.

So in case the prospects asks…What right do you have to email me?”

This is definitely a prospect’s rights to ask, even if the email address is corporate, but the fact that their name is written out within the email address makes it personal.

So in case your service does not specifically relate to the company’s statute, explain the reasons why you considered them a relevant person to contact.

The effect of keeping detailed records of your lead generation process will help you to give a detailed answer about how and why you sourced a person’s data.

If the prospect asks…Where did you source my details from?

You will need to describe from where you found their data and why you thought they were appropriate to contact and why you thought they will be interested in your offering.

So again by keeping a detailed lead generation records will help you have a detailed response to this question.

Convert Cold Leads to Sales Qualified Leads with
Loved it? Spread it across!

About The Author

Scroll to Top