The phrase "right to be forgotten" is very interesting to me because I feel like subscribers have the right to have their communication preferences honored. And in that sense it is all about remembering. However, as it relates to purchased lists. Those should be deleted immediately based on this statue as well as on plain old common sense.
- For people that haven't engaged in a while - I keep these people in a slow cadence stream in a nurture/engagement program. I send something every three weeks, or as new content becomes available. It's also wise to test with something like a BriteVerify or Kickbox to see if these people are still at the company. If not then I would mark them as email suspend.
- For unsubscribes - You can remove them from your database, but what happens if a sales person purchases them and puts them back in, or they re-subscribe, or they register for an webinar? In that case, they want the webinar, and that's where operational emails come in handy, but they don't want anything else. You want to be able to track that people are re-engaging and also protect the brand. I am an advocate for removing any unsubscribes that I can verify aren't at the company any more. Other than that you need to retain the information somehow. If your database is small enough, then you could potentially add their emails to a smart list that checks for lead creation with that email and tags the returning email as unsubscribe and then delete them, but that is not scaleable. The reality is, you're better off keeping them so that you can retain the data and the record of their communication preference. Remember, when you delete an unsubscribe, you also delete them from all the success metrics they had before that as well.
Thanks for your reply and insight! I'm wondering if after the GDPR there is any specific law that controls these aspects?
1 of 1 people found this helpful
Here's the formal language in the regulation (around "Right to be forgotten") as it relates to GDPR: Art. 17 GDPR – Right to erasure (‘right to be forgotten’) | General Data Protection Regulation (GDPR). Also included here is the complete list of the seven rights of data subjects. The "right to data portability" and "right to access" are other ones to keep an eye on. Essentially you'll need additional tools/functionality to comply with this.