Keeping customer data safe and respecting their privacy is not just best practice—it’s the law. If you’re using Rocketspark’s Mailchimp integration to collect email subscribers via your website, it’s crucial to understand your responsibilities when it comes to consent, privacy, and spam compliance.
Important: This guide provides general information only and should not be considered legal advice. We recommend consulting a qualified professional to ensure compliance with privacy laws applicable to your business (such as GDPR, the NZ Privacy Act 2020, or other international laws like the CPRA in California).
Note: The GDPR is the privacy legislation of the UK and EU that came into effect in 2018 and affects any business that is based in this region or has clients based in this region. View Rocketspark’s introduction to the GDPR.
Make it clear what people are signing up for
With Rocketspark forms connected with Mailchimp, it is possible to have both single field and multi-field forms connected and sending subscriber information to Mailchimp. With Mailchimp, it is a requirement of their terms and conditions that permission is obtained from the subscriber.
Permission in single field forms
In the context of single field forms, these are usually used for the purpose of a simple email newsletter subscribe form. As there is only one field and if there is only one way that email address is going to be used, permission is simple in this context:
- The heading or the label of the field should say what the person is subscribing to like "sign up to our email newsletter".
- The button should say something like "Subscribe" or "Sign up" so it’s clear that they are subscribing.
- Someone would only click the subscribe button if they're giving consent for you to add them to this database, so all subscribers could be considered as having given permission.
Permission in multi-field forms
Longer forms can be used for a range of different things like application forms, inquiry forms, contact forms, design brief submissions etc. It is possible to also give the option to subscribe to something like an email newsletter database that is different from the primary reason for completing the form.
To get permission to use the subscriber's details in this additional way, you need to make it clear that the subscriber is opting in and giving permission to this additional reason and what their details will be used for (ie, marketing purposes).
Rocketspark recommends using an opt-in box field type for Rocketspark forms connected with Mailchimp, to easily add a tickbox that can be used for obtaining permission from subscribers, with the ability to add text that explains what subscribers’ details will be used for.
Double Opt-In (Recommended)
For added compliance—especially in the UK/EU—enable double opt-in in Mailchimp. This means subscribers will need to confirm their email address via a follow-up email. It’s not legally required everywhere, but it significantly reduces your legal risk and ensures cleaner lists.