Email Personalization, Abandoned Carts and GDPR

3 Minute Read

There have been numerous scare stories about the impending death of email marketing once GDPR kicks in later this month on May 25th.

As you’ll know, you will be legally obligated to acquire consent (from existing customers, and new) in order to send your email marketing communications. This will no doubt see your email list reduce in size. But on the plus side, this means your email marketing database will only contain people who want to receive your emails. Providing you’re compliant with the new regulations, there’s no reason why you can’t continue to send personalized email campaigns and abandoned cart emails.

Regardless, there still seems to be a lot of confusion around the topic of GDPR and email marketing.

Abandoned cart emails

One of the areas that seems to have raised many questions is the topic of abandoned cart emails and their lawful basis. There has been some debate as to whether abandoned cart emails constitute transactional emails or marketing emails. Some have suggested that they are the former, arguing that legitimate interests can be your lawful basis for processing personal data to send these emails. Others have recommended getting consent and treating abandoned cart emails as marketing emails.

We believe consent is the best option here and in the best interests of customers. Legitimate interests is used as a lawful basis for when the processing is necessary and in ways that customers ‘would reasonably expect’. However, in the case of abandoned cart emails, it’s debatable as to whether a) they are necessary and b) whether a visitor landing on your site would expect such an email.

In this case, abandoned cart emails can then be sent to consumers who have opted-in.

Personalized emails

In much the same way, personalized marketing emails require consent. It’s important when using a personalization tool like Bunting to make sure your vendor is up to date with your email subscriptions.

It’s crucially important to make sure your recipients know that their data will be used for personalized marketing emails, and you’ll need to detail how and why.  This information should be displayed clearly and must be easily accessed. Remember consent needs to be “freely given, specific, informed and unambiguous”.

With all kinds of marketing emails it’s essential that recipients can opt-out – unsubscribe – just as easily as they can opt-in.


Only you are responsible for your GDPR compliance, meaning you need to check your vendors have the structures and processes in place to ensure your own compliance with the regulation.

You should now be in the process of getting consent from your customers – existing customers and new ones – to process their data in order to send them further marketing emails. It’s important that your vendors are also updated with your customers’ consent, which we are well prepared for at Bunting.

For Bunting users we’ve got a guide for how to update your email database in the tool. In this article you’ll find out how to automate this process and keep Bunting up to date with your opt-ins.

Good luck with the rest of your preparations, and if you’ve any questions, just drop us an email at gdpr [at] bunting [dot] com

Disclaimer: nothing in this article should be taken as legal advice. We strongly encourage you to get legal advice to aid your GDPR preparations!

4 Minute Read

8 Ways to Optimise Shopping Cart and Checkout to Increase Conversions

Marketing Tools for eCommerce Managers

5 Minute Read

5 Best Marketing Tools for eCommerce Managers

scarcity marketing

8 Minute Read

9 Scarcity Marketing Examples to Boost eCommerce Conversions in 2020

Home Blog Website Optimization Email Personalization, Abandoned Carts and GDPR