What Public Libraries Need to Know about GDPR

Has your inbox suddenly been flooded with requests from businesses to opt-in to their email communications? You’re not alone.  

Many American companies are updating their email lists to document permission from subscribers. The move is in response to a new European Union regulation that extends further data privacy protections to EU citizens, which  took effect on May 25, 2018. Many of these businesses operate globally, and as a result, the regulation directly affects their operations. 

However, you also may be curious about how the rule – called the General Data Protection Regulation or GDPR – may impact your public library’s email marketing program. We wondered too, so here’s a quick FAQ plus some useful resources. 

What is GDPR? 

The regulation is designed to give EU citizens more control over their personal data and to unify data protection regulations within the EU. It impacts any business operating in Europe. 


If this is an EU regulationdo U.S. public libraries really need to be concerned about it? 

There’s a very slim chance that EU citizens are on your email subscriber list. However, just as many American companies are complying with the law voluntarily, you may want to do so as well. In fact, though laws in the U.S. are unlikely to change, voluntary compliance with GDPR may become a best practice for marketers.   

The rule offers stricter protections than U.S. laws offer. Consumers clearly benefit because they have higher confidence in how their data is being used. But there’s an upside for marketers too. When subscribers opt into your email list, that’s an indication that they want to hear from you. So, you’re likely to get fewer unsubscribes and – potentially – higher click-throughs. 


How does this impact my email list? Should I ask subscribers for documented consent? 

The GDPR requires businesses to obtain documented consent from their contacts. In the U.S., the law permits implied consent, which is inferred from a contact’s actions. For example, donors have an existing relationship with an institution, which implies consent.  

Most email marketing service providers offer instructions on how to obtain documented consent from your email subscribers. Constant Contact covers the topic in a blog post here, while MailChimp discusses the subject here. 


What else do I need to know? 

Although U.S. public libraries probably won’t be subject to the EU rule, it’s a good idea to check with your attorney to be sure. 

If you choose to voluntarily follow the rule, this handy infographic from MarketingProfs provides a GDPR compliance checklist for marketers. 






About Tiffany McClary

Tiffany McClary is the Director of Communications, Marketing & Outreach for the New Jersey State Library. She coordinates marketing and public relations initiatives in order to enhance the reputation of the State Library, and promote the value of NJ libraries and the services and programs that they provide to residents.