What wording do I need on my opt-in form to make it GPDR compliant?

Back in May, GDPR sent us all in a tizzy. One of the biggest discussions on social media was wording for opt-in forms. I saw one comment that even suggested lead magnets and therefore list building was dead.

I can assure you that’s not the case and building your online lists by offering free resources is still very important.  However, it is true that with GDPR you need to be more careful with wording.  I have seen too many people still not doing this correctly.

I’ll just add here before anyone starts to stress about changing all their opt-in forms, that no-one is going to come banging on your door tomorrow if you haven’t got it quite right yet. You aren’t going to be fined thousands of pounds. Elizabeth Denham, the UK’s Information Comissioner, felt there was a lot of scaremongering going on and stated that “Issuing fines has always been and will continue to be, a last resort.”

Remember though that part of your responsibility to your leads and prospective clients is transparency and providing a good customer experience.

Last weekend when I met Jo Brianti of JLB Support who helps small business incorporate GDPR into their systems, I took the opportunity to ask her to clarify the situation..  I also managed to get through to the Information Commissioner’s Office support. Both Jo and the ICO confirmed the following:

  1. The key is to make it very clear to your audience what they will receive when they click the button on your opt-in form.
  2. However, you cannot ‘bundle’ together your offerings.
  3. Your audience needs to explicitly agree to receive each offering from you.

What does this look like in practice?

For example, you have an awesome free guide explaining the “Top 7 ways to reduce anxiety”.

Perhaps it looks like this:

  • Facebook
  • Twitter
  • Pinterest

And this would be fine if you are only sending the guide and NOT also adding them to a newsletter list

But you cannot also add “Download my 7 ways AND get my monthly updates”.

  • Facebook
  • Twitter
  • Pinterest

Why?  Because this is bundling.  You have not give your audience the option to opt in explicitly to the monthly updates.

People may only want the download and nothing more. Under GDPR you are not allowed to disadvantage anyone because they don’t provide consent. Yet they can’t get the download without automatically going on your list.  Yes, they can unsubscribe at any time but that’s an opt-out and GDPR is all about opting in.

So what can you do?

  1. You could add a check box at the bottom of your opt-in form telling them about your monthly updates, which they can they tick if they so wish. That way, when they click submit, they get the download and also get added to your newsletter list.However, adding a checkbox isn’t a great user experience.

  • Facebook
  • Twitter
  • Pinterest


  1. In the email you send out automatically with their download and/or a follow up email that is related to that download, you can give them a chance to opt in to your newsletter. This is where you can use wording such as “By the way, if you’ve liked this download and would love to hear more tips from me that I only send out to my subscribers, then click here to be added to my list”.


  1. On the Thank you Page that people see once they have requested your download, you could let them know about your newsletter with a link to opt-in. Here is a great place to pop a video saying hi and telling them more about you.

Do you see that by doing the above, you are not bundling anything together. People can clearly obtain the download on its own without being added to your list automatically.  However, if they choose to hear further from you, you have given them option to do so.

Now, some of you may feel that you’ve worked hard to design your free resource, so why shouldn’t you get their email in return?  And you’re quite right.

You’ve possible spent several hours (days even!) on Canva (shoulda outsourced it!) and you would like some return for your investment of time.

And the email addresses you now have from people requesting your download, what more can you do with that email address?  Nothing, nadda, nowt.  In fact, all you can do is delete them.

Instead, you can turn around your offer.

This now looks like:

  • Facebook
  • Twitter
  • Pinterest

By doing this, the opt-in form is explicitly asking people to subscribe to your newsletter.  Your monthly update is what they are saying ‘yes please’ to. You are offering the download as an incentive to subscribe and it’s a lovely free bonus for them.

This new form is GDPR compliant and avoids bundling.  It is also a better user experience for your audience who are becoming tick-box tired already.

Any questions, let me know.


Pin It on Pinterest