Getting GDPR consent from your email list, using Mailchimp

minutes remaining

[thrive_highlight highlight='default' text='dark']Read time: 3 mins 50 sec[/thrive_highlight]

Read our quick step by step guide on how to gain consent from your email database list before GDPR with

How to get your MailChimp email list GDPR Compliant

All marketers have until the 24th May 2018 before GDPR becomes law on 25th!

One of the most important actions is to gain consent from your current email list before you have to stop emailing them totally (and thus technically deleting them).

Here's our plan of action and steps on how to get those people who want to stay in touch, agreeing to give consent.

  • Set up your list in MailChimp
  • Set up your GDPR permission form
  • Set up your GDPR email campaign
  • Create a Segment so follow up emails don't “spam” those who have given consent

Even if you don't use MailChimp for your regular emailing you can still import your current email list into it. You'll need to set-up a new MailChimp account, download your current list as a CSV and then load it into your new MailChimp account, you can then gain consent through a send, once that's done, export your compliant list back into your regular emailing platform.
Why? Because if your current ESP or CRM system isn't ready to gain consent, it's now or never, so time to get on with whatever works quickest.

A Quick Solution

MailChimp is one of the most popular email service providers and over the last few years become a complete marketing automation platform.
They have been busy preparing for GDPR and have produced their GDPR guidance and tools to help assist their customers to do just that.

At the beginning of May they released GDPR updates to their forms, which basically meant they had added ‘Fields' which then allow you to enable your current subscribers to add their agreement to the following communication channels:

  • Email
  • Direct Mail
  • Personalised advertising

So, to switch GDPR fields on in your list, you need to go to your list and then select the following:

Mailchimp list settings

Select List > Settings then click ‘List name and campaign defaults‘ then click on the below

GDPR fields in MailChimp
Checkbox enables GDPR fields


Once that is done you need to review the legal descriptions of the usage of the person's data.

Ensure this is either confirmed by your company's communications policy or reviewed by your legal counsel, as this will now set the basis for your permission to contact them after GDPR comes in.

If you don't have your GDPR legal support then please look at our partners LawBite who are providing very cost-effective support.

So the steps so far are:
+ Import, your list to MailChimp if your service provider, doesn’t support GDPR forms
+ Switch on GDPR fields

However this doesn't make your list GDPR compliant in itself, you need to ask every one of the people on your list to agree with the way you are going to communicate to them.

So you need to email them, but what to say?

MailChimp provides a template email for you to use called the “GDPR Subscriber Alert” but to be honest, it is a horrible presentation (unless you want to scare your subscribers into consent).

But this template does include suggested language that you can edit or copy to your own.

I think you should build your consent campaign from scratch to stay within your Brand communications, but to do so you need to make sure you include an Update Profile link. This is HUGELY important as it is this link that allows your subscribers to update their preferences to receive emails, ads and mail from you.

It provides a landing page like this and pre-fills their email and name.

If you don't like the default MailChimp GDPR Alert what then?

So some other options from some of the brands we have used:


Break up



My advice is if you have the time, to use a mix as certain versions will appeal to different people.

Don’t worry about frequency (one email per week etc) as you only have days left to talk to these people, once they the 24th is passed they will be legally out of contact (unless you have their consent).

One technique being used is a “countdown to deletion” or “last chance” email chain, so each person will get up to 7 emails in the last week.

So as you have only days left pick whatever is quickest to do, don’t let your brand design get in the way of consent, it’s too late!

Now you have their consent be polite!

One thing you should be doing is once someone has given their consent, stop emailing them! This will help to keep emails from your brand useful and not boring.

To do this use MailChimp's segments to send follow up emails only to people who have NOT given consent to email

Make sure you select “Auto Update” so whenever people give consent they are removed from the segment.

If you want to get more sophisticated then you could design other campaigns to encourage consent to:

  • customised personal advertising
  • direct mail consent

To do this you would need to set up segments for those people who may have consented to email but not the other two, and change the email messaging accordingly.

However, this is potentially dangerous, as if you have a high frequency of emails to your newly consented, you might find they unsubscribe from all brand communications.

So now the steps are:

  1. Import your list to MailChimp
  2. Switch on GDPR fields
  3. Set up your emails
  4. Set up segments so people who consented
  5. Once you have these parts in place it time to fire off the first round of emails.

Preview and test your email campaign as you normally would, and send it to your complete list. After you send your consent campaign, use the campaign URL to share it on your social channels.


  • Import your list to MailChimp
  • Switch on GDPR fields
  • set up your emails
  • set up a segment so people who haven't consented


Now is your last chance to get consent from the people on your email list and if you don’t delay you will enter the new data private world of 25th May and beyond with contacts still to talk to.
Don’t delay make this happen today!

Related Posts

{"email":"Email address invalid","url":"Website address invalid","required":"Required field missing"}

About the author:

Founder of both SiteLynx and SLX marketing. Leading web marketing planner and trainer.

Graham Hansell // administrator