Opt-in is a situation where customers provide their personal information (like an email address or phone number) to an organization with the expectation that they will receive marketing communications as a result. This consent can be implicit or explicit. You should understand the differences between these two types of consent, as laws such as CAN-SPAM, TCPA, CCPA, and GDPR have changed the way customer data and communication is handled.
Consent varies worldwide, so check the regulations for the regions you are contacting. These definitions of implicit and explicit consent should help you understand and comply with those regulations to create successful campaigns.
Implicit consent means an individual has provided their information for a business purpose but not explicitly stated that they want to receive marketing communications. The customer profile denotes implicit consent as "Unknown Consent" because the consent value is null or unknown in the customer database. For some channels, like email, ODP defaults to include customers with implied consent when sending marketing messages. For other channels, like SMS, ODP defaults to requiring explicit consent for marketing messages. You can learn more about best practices for SMS consent here.
You can update your preferences using App Consent Settings to control how marketing messages are sent on channels where this option is available.
By setting Default Consent to Opted In, ODP treats customers with implied/unknown consent as being opted in and sends the marketing messages on this channel. By setting Default Consent to Opted Out, ODP treats customers with implied consent/null consent as opted out and does not send messages. Setting this value to Opted Out ensures that marketing on this channel is only delivered to explicitly opted-in customers. Please consult with your legal team for the appropriate settings for your business.
Explicit consent means an individual has given their permission for you to send them marketing. The future recipient must manually agree to opt-in. The submission of a form that includes an email address or phone number field is not sufficient for explicit consent, unless it includes a checkbox that the individual must click to agree. ODP includes customers with explicit consent in marketing campaigns by default.
Correct example of obtaining explicit opt-in:
You are collecting email addresses in a form, hosted in a Web Embed, where your customers can enter their email and check a box for opting in for SMS communications from you. After your customers submit the form, you can send your first promotional message along with opt-out instructions.
Incorrect example of obtaining explicit opt-in:
Your customer has not yet submitted her phone number and checked a box for opting in for SMS communications from you, but you send her a message and provide her the option to opt out. This method is prohibited because you have not obtained prior consent.
See the example below for proper explicit opt-in for email or SMS.
Import explicit consent
The example below shows a correctly formatted consent event file, where the action is opt-in for consent or opt-out to exclude the identifier from marketing. If a customer has multiple identifiers on which they could receive messages, you must follow this process for each. File names for these imports begin with zaius_events.
Import explicit email consent from Shopify
Shopify syncs a true/false customer field to ODP called Shopify Accepts Marketing, along with a timestamp for when this value was set. This field is set in Shopify when someone checks the Keep me up to date with news and offers box when checking out. After March 2020, ODP translates this field as explicit consent when true and marketing opt-out when false, specifically for the email identifier on the Shopify customer record. If the timestamp on the value is before the last time consent was updated in ODP, ODP keeps the current consent status. For example:
- February 22 – The customer opts-in to marketing when they order. A true value for Accepts Marketing with a current timestamp is sent to ODP, and the customer record indicates that they are opted-in.
- February 28 – The customer revokes consent after receiving an email. The customer record shows that they are opted out with the timestamp. The Accepts Marketing value on their profile does not change, but the email record shows that they have opted-out.
- March 3 – The customer logs into their account online and changes their shipping address. A customer update is sent to ODP where the Accepts Marketing value is true with a timestamp from February 22. Since that timestamp is behind the customer's latest consent record, this value is ignored and the customer remains opted-out.
The field is checked for updates during any Shopify customer update, like an order or account change.
Prior to March 2020, Shopify's Accepts Marketing field had no impact on the consent status for a customer. Filter customers in or out of ODP email campaigns by adding a simple AND expression to your customer segment. See below:
In addition to the Accepts Marketing value, email consent data for existing Shopify customers is synced back to the Shopify Accepts Marketing field nightly when changes occur in ODP. ODP does not create new Shopify customers but updates existing customers. Only integrations installed after mid-March 2020 follow this process.
Effect on ODP content
When creating web modals and web embeds, the editor validates the email or phone number, opt-in, and submit button fields to ensure that the form is submitted with identifiable information and proper consent. Learn more about each field validation below:
- Email or Phone – Ensures that the submission is properly attributed to a customer profile.
- Opt-in – Ensures that the submission provides express consent for future marketing communications. By default, this field also includes a general disclaimer about the purpose of the approval that can be customized.
- Submit button – Allows the submission to occur.
ODP favors explicit consent in these situations as it provides you (the sender) more protection concerning email privacy and compliance regulations. Additionally, it provides transparency for your customers (the recipient) concerning their future relationship with your brand's marketing communications.