Abandoned shopping carts are about as disappointing as a date that gets cancelled at the last minute on a beautiful Saturday night.
While it is tempting and necessary to encourage your prospects to come back to your store to complete their purchase by sending them emails, you should still consider GDPR compliance for abandoned cart emails.
American Express Services was recently fined £90,000 under the GDPR for sending 4 million unsolicited emails, and it is vital to do your due diligence to avoid similar fines.
In this article we'll answer:
Ready to learn how to avoid costly mistakes while sending your customers' emails? Keep on reading!
The world of eCommerce has gone through drastic changes over the past few years. Not only are consumers constantly looking for cheaper options, but they are also considering other factors such as the delivery time and shipping costs before making a purchase.
Add to that how easy it is for your customers to get distracted by all the noise in the digital environment, and it is no wonder that you face an uphill battle to get your customers to complete their order and check out.
An abandoned shopping cart refers to a scenario in eCommerce, where your customer leaves the checkout page before completing the purchase.
Whether the reason is due to high shipping costs, change of heart, late delivery time or payment security concerns—abandoned carts prospect lower conversion rates for eCommerce businesses and resulted in a loss of revenue.
According to recent research conducted by Forrester, abandoned shopping carts cost eCommerce businesses $18 billion each year worldwide.
Given that almost 70% of all potential customers abandon their carts before checking out, recovering even a small percentage of these customers can help boost revenues significantly for eCommerce businesses.
To convert these prospects into customers, eCommerce businesses use various methods such as retargeting, push notifications, text messages, personal outreach and abandoned cart emails.
One of the most effective ways in recovering these lost customers is automated abandoned cart email sequences.
In fact, according to a recent report published by Klaviyo, with a 41% open rate and around 10% click rate, abandoned cart emails can help eCommerce businesses recover as much as 15% of lost revenue.
The same report also demonstrates that the timeliness of the email and the relevance of the content play a vital role in winning back customers and getting them to complete the checkout process.
For example, sending two or three emails within the first few hours or days after the abandonment and making the subject line and body of the email more relevant by reminding recipients that they left something behind or adding emojis boosted the performance significantly.
On average, the e-commerce businesses that participated in this research have earned almost $6 per abandoned cart email recipient. If you multiply the revenue per email recipient by the number of emails sent, often in thousands, it is not hard to see why abandoned cart emails are highly effective.
While you may be tempted to send out an email within the first few hours after the abandonment and personalize the email with conversion-driven copy, it is best to be diligent in running your email campaign in a GDPR-compliant way.
If you send abandoned cart emails by violating GDPR, all the revenue you get from your email campaign may get wiped away because GDPR fines can be as much as 20 million euros.
Let's now turn to the million-dollar question:
When your customers visit your website, choose products and provide their details such as their names, email addresses and phone numbers, GDPR rules apply to the processing of personal data in this way.
In the next step, you use the email address of your customers that abandoned the checkout page before completing the order and send them an email.
This is where it gets tricky because sending marketing emails to consumers in the EU is subject to the GDPR and another set of laws that you should be aware of, the ePrivacy Directive.
ePrivacy Directive is an EU Directive that sets rules on sending electronic communications, including emails such as abandoned cart emails to EU consumers.
Therefore, you need to comply with both the GDPR and the ePrivacy Directive when sending abandoned cart emails.
In the next section, we will explain how to comply with the ePrivacy Directive and then explain GDPR compliance and abandoned cart emails.
To send your customers abandoned cart emails in compliance with the ePrivacy Directive, you can rely on one of these two methods:
Under the Directive, you can freely send abandoned cart emails to your customers so long as you obtain their explicit consent.
Applying these criteria to abandoned cart emails, your customers must expressly consent to receive emails about every online cart they have created. However, the consent must be specific, freely given and informed. In other words, you cannot satisfy the consent criteria just by obtaining consent to general marketing emails.
Given that a significant chunk of your customers can simply ignore your request to send them cart emails, you may end up with fewer customers to retarget with abandoned cart emails.
Luckily, there is an alternative mechanism to consent called soft opt-in, and it allows you to send abandoned cart emails in compliance with the ePrivacy Directive.
When your customers fill out a form and add items to their cart, they are in the last stage of the online checkout process.
Fortunately, the ePrivacy Directive recognizes that since customers provided their email addresses in the course of a sale, it is reasonable to allow businesses to send marketing emails without obtaining specific consent.
In other words, you can send abandoned cart emails under the ePrivacy Directive because you collected email addresses during the checkout process. However, you should also satisfy the following requirements to comply:
As long as the email only relates to customers' cart and includes a simple way to opt-out, you satisfy ePrivacy Directive requirements.
Alongside the ePrivacy Directive, you should also follow GDPR rules on abandoned cart emails.
Let's now look at what the GDPR has to say on this.
Collection of emails, names and other personal details of your customers and the subsequently abandoned cart emails all fall under the scope of the GDPR.
This is because both the collection of this data and email addresses to send abandoned cart emails are data processing activities under the GDPR.
Before sending abandoned cart emails, you must first identify a lawful basis to justify sending these emails.
GDPR defines six separate legal bases in article 6, including 'consent' and 'legitimate interest.'
One common misconception prevalent amongst marketers is that consent is superior to all other legal bases provided under the GDPR. You must always ask for consent to send marketing emails to prospects.
Contrary to what some marketers believe, GDPR does not set a hierarchy between different legal bases, so you can choose to rely on other legal bases such as legitimate interest instead of asking for consent.
After GDPR came into force in 2018, a significant number of marketers fell into the misconception that they needed consent from all their existing customers to comply with the GDPR even though it was not necessary and ended up with significant shrinkage of their valuable prospect lists.
There is no reason or benefit in relying on consent and losing your prospects when you do not have to.
Put simply; you do not need the consent of your prospects before sending them abandoned cart emails as long as you satisfy requirements for other lawful bases such as legitimate interests.
GDPR itself confirms that marketers can rely on legitimate interests instead of asking for consent for direct marketing:
Furthermore, The UK's Privacy Authority ICO has explicitly stated in its Direct Marketing Guidance that sending emails to individuals who had an existing relationship with a business or in the sales process can be lawful based on legitimate interests ground under the GDPR.
However, just like consent, legitimate interests ground is also subject to strict rules, so you first need to make sure that you comply with GDPR requirements for reliance on legitimate interests.
You may think, so far so good with relying on the legitimate interests to run your abandoned cart email campaign and achieve high ROI because legitimate interests save you from asking for consent, frustrating your prospects and ending up with fewer prospects to send emails due to opt-outs.
While legitimate interests ground is more flexible compared to consent and it gives you more power over the personal data you collect and your email campaigns, it comes with overhead: You still need to satisfy the requirements to rely on legitimate interest; it does not automatically make it lawful to send as many emails to your prospects as possible without giving them the ability to opt-out.
To lawfully run your email marketing campaigns and convert your prospects into customers, you need to conduct a 3-Part Legitimate Interest Assessment that Data Protection Authorities recommend.
You need to specify the legitimate interest in sending abandoned cart emails.
Sending abandoned cart emails falls under direct marketing, and direct marketing constitutes legitimate interest.
While drafting your legitimate interest assessment, you can refer to soft opt-in under the ePrivacy Directive and explain how you comply because your prospects share their email in the sales stage.
You need to demonstrate that sending out abandoned cart emails is necessary and proportional to achieve the legitimate interest you identified in the first step.
In this step, you need to show that there are no less intrusive and equally effective direct marketing methods than emails. The number of emails you send and the collection of email addresses is proportional to the legitimate interest you are trying to achieve.
For example, you can refer to reliable studies and surveys that prove the high ROI of email campaigns in recovering abandoned carts.
Limiting the number of emails sent and not spamming your prospects is also essential in assessing the proportionality of the use of emails.
You need to balance your legitimate interests against your prospects' rights and freedoms and ensure that their rights do not override your legitimate interests.
In this step, you need to consider whether your email campaign is intrusive on your prospects and whether they would expect to receive such emails.
Considering that your prospects already showed strong interest in your products to the degree that they added items to their carts and shared their contact details, it is reasonable to assume that they would not be surprised by abandoned cart emails.
Being transparent in your email marketing campaigns will eliminate any uncertainty and help you satisfy this step.
Another thing to keep in mind is that the number of emails you send matters: The fewer emails you send, the more likely the balancing test will be in your favour.