DSGVO compliant: recipient validation with interactive email

Initial situation
The rules of the GDPR (General Data ProtectionIt is not enough for companies to aggregate your users' data. They must also obtain permission to use this data at the same time. They must obtain an overview of whether and for what purpose they may actively use this personal data or use it for advertising... Regulation) applicable in the EU as of May 25, 2018 require proof of consent for the sending of marketing emails for the receipt of such emails as well as explicit consent for the processing of personal data. Since in many EU countries the requirements were previously less pronounced, this must be obtained retrospectively for the majority of the email distribution list. This was also the case for an automotive manufacturer. In some markets, existing contacts had to be validated as GDPR-compliant before the new regulation came into force, which had been recorded in the past according to less restrictive, local legislation.

Most companies send an e-mail for this purpose, in which the customer is asked to give his consent on a landing page. To increase user-friendliness, the data fields on the landing page are already filled in or the user is identified in the background. This eliminates the need for the user to type in personal data. In most cases, an interface with the CRM or the e-mail system is implemented for this purpose.

However, there are two drawbacks to this classic approach:

  • User Experience: A text followed by a link or button with the caption “give consent now” presents a small hurdle, as it is not clear to the user what to expect on the landing page.
  • Implementation effort: The implementation of interfaces always means an effort that should not be underestimated, both in terms of costs and implementation time.

To eliminate the above-mentioned disadvantages, the entire functionality for submitting the permission was integrated as an interactive element directly in the e-mail. The user can thus submit the permission without any intermediate step. The entire form with the two required checkboxes and the descriptive text is directly visible. This lowers the hurdle for submitting the permission, which increases the conversion for the permission.

Simplified process flow

The entire campaign consisted of 6 emails, which were sent via an automated campaign within 3-4 weeks:

  • Initial email with the request to a) submit the permission for the communication channels and for b) the future analysis of personal data.
  • Reminder email with the request for both permissions if there was no positive response in the initial email.
  • Reminder email with the request for the analytics permission if only the channel permission was given in the initial email.
  • Thank you email if both permissions were given.
  • Thank you email with the request for the analytics permission if only the channel permission was given.
  • Final reminder email just before the deadline if no permission was given.

The campaign was sent in full for different brands of the manufacturer in 7 countries in the local language.

Technology and innovation
Using HTML and CSS alone, an interactive element was created that enables the permission query directly in the e-mail. The form integrated in the e-mail is transmitted to the ELAINE server (dispatch technology) via a secure HTTPS connection and processed there. The information necessary to fulfill the obligation to provide evidence (permission, date and IP address) is stored. Detailed legal texts are included as fold-out elements directly in the e-mail. Thus, it is not necessary to direct the recipient to an external landing page for the legally required texts, which would increase the risk of the process being aborted. The interactive element was built dynamically so that the identical HTML code could be used in all 6 emails. Based on the data collected, the required checkboxes for the channel and analyticspermission were dynamically shown or hidden. This ensured that only the checkbox for the analytics permission was visible in the reminder e-mail for recipients who had already granted the channel permission in the initial e-mail. The dynamic structure significantly reduced the effort required for implementation and testing. With a total of 127 emails, this was a decisive point for the efficient implementation of the campaign.


  • Permission can be given directly in the email
  • No landing page with interface to external systems necessary
  • Completely automated process thanks to ELAINE Marketing AutomationMarketing Automation ist ein Framework bestehende aus Strategie (First Party Data und Marketing), Use Cases und Prozessen, Daten bzw. Customer Data Platform, Technologien, Inhalten, Organisation und Skills sowie dem Rechtsrahmen bzw. dem Consent Management....
  • Identical campaign for 7 markets in 7 languages