GDPR System Features
We have added support for Do Not Track, a browser feature that allows users to request that sites do not track them. Smartmessages will honour this setting and anonymise open and click tracking data so that subscribers don’t appear in reports. We still note that subscribers have performed some activity (which is used to prevent them being dropped from lists due to inactivity), but we don’t record what it is. Subscribers that have this option set appear as “(Anonymous)” in our reports.
We have removed all analytics and plugins from Smartmessages and thus we are being very clear on privacy and data protection; we don’t track anything from visitors to our site. One bonus of this approach is that we don’t have to display one of those annoying cookie permissions pop-ups – no cookies, no pop-up needed!
Some ESPs provide opt-in consent data in their list exports (notably Mailchimp), and we handle that appropriately during list uploads. We support Mailchimp’s list format directly, so valuable lists can be migrated to Smartmessages while retaining strict GDPR compliance, and making it easy to find the provenance of subscriber addresses. We also support this on lists downloaded from Smartmessages, so you can export that data too.
Marcus wrote an RFC (request for comments) last year on the subject of cryptographically provable mailing list opt-ins, but there has been little interest. We are determined to work towards a standard so consent becomes more portable, lists can be moved more easily, and messages can be reliably whitelisted.