How do I make my subscription (or registration) form consistent with GDPR consent requirements?

In terms of consent, the GDPR only reinforces the good practices already established in the E-Privacy Directive (2002). The GDPR specifies that consent must be given through an informed, specific and unambiguous positive action. To be compliant with the GDPR, your form must:

  • Specify how personal data will be used (an email address will be sent newsletters, an invitation to events, etc.)
  • Only request only necessary personal data (e.g. do not request a postal address if this data will not be used)
  • Consent is only valid if given through an "active opt-in" (e.g. do not pre-fill or "pre-check" consent boxes for the user - they must actively select it) 
  • Include a link to your privacy policy

SendinBlue allows you to easily create GDPR compliant forms by following this tutorial: Create a GDPR compliant subscription form