AcyMailing

Lawful Basis Per List (GDPR) - Opt-in or No opt-in

I know that Acymailing is mostly used for marketing and that the system of opt-in / double opt-in suits the purpose well.

However, Acymailing could be used to send other types of mass emails.

European companies and those mailing European citizens need to comply with the GDPR and have a lawful basis for processing e.g. sending mail.  There are 6 of these:

  1. Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
  2. Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
  3. Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
  4. Vital interests: the processing is necessary to protect someone’s life.
  5. Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.
  6. Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)

So,

  1. Number 1  -  Consent - is generally needed for marketing and is covered in Acymailing
  2. Contract - Is used by all companies when and does not require consent 
  3. Legal Obligation is probably not a main use, but again does not require consent
  4. Vital Interest is a most unlikely use, but would not require consent
  5. Public task - is a possibility for some official bodies and does not require consent
  6. Legitimate interests - is possible and does not require consent

Number 2 is the main reason for wanting this feature, and also possibly Number 6.

So, It would be good to have different rules (mapped to lawful basis) attached to different lists 

e.g.

  • marketing lists where users would need to opt in / double opt-in to give consent
  • other lists where consent is not needed and  thetefore opt-in is not required.

I would expect that all lists would have a field to record the purpose and/or lawful basis being used and if marketing was selected then opt-in etc. would become necessary.

Another text field to make a note of the details e.g. "general price increase" or "suspension of client meetings due to Corvid-19"... would be useful.

I hope this makes sense.  It wpould be really useful and would widen the scope of Acymailing.