Email Panel Data: Essential, GDPR-Compliant

I’ve been working with email panel data for more than five years now. By “email panel,” I mean a collection of data from end user mailboxes that have installed free email applications in exchange for sharing of aggregate, pseudonymous data.

Email panel data can be a game-changer. Cutting-edge email marketers use panel data for a lot of tasks, including:

Measuring inbox placement: You cannot really understand your inbox placement at Gmail and other mailbox providers without panel data. Because major mailbox providers make inbox placement decisions based on the relative engagement of a particular mailbox with mail coming from a particular source relative to all other sources, marketers must use the inbox placement metrics from real, “in the wild” mailboxes to understand actual inbox placement. Seed addresses (even seeds that have been programmed to show high/low activity for a given domain) cannot give an accurate reading of inbox placement.

Understanding which email programs drive the most engagement from clients: Having a panel of millions of users allows marketers to obtain detailed insights into the kinds of programs that are working for other marketers. Why design a welcome campaign from scratch when you can review all the welcome campaign approaches in your vertical and see what works?

Understanding your list quality: One of the most underappreciated drivers of email marketing is list quality. Over half of the difference in marketing performance between “average’ and “best in class” marketers is the quality of the marketer’s list: meaning the percentage of subscribers that are usually active with commercial email. A list that is full of “dead” addresses will be hard-pressed to drive best-in-market returns.

Because of my close association with the topic, I thought it important to respond to a recent MediaPost column by Ray Schultz in which he raised concerns about the use of such panels. The article referred to comments by James Castro Edwards, an attorney with the international law firm Wedlake Bell,  about the impact of the new European General Data Protection Regulation (GDPR).

Specifically, Schultz quotes Castro-Edwards as saying, “If the person ‘doesn’t have contact with that organization and doesn’t know the processing is taking place, there is an immediate problem.’” Schultz then adds, “This causes a problem with use of email panels for monitoring. Those consumers have no direct relationship with the firm doing the monitoring and don’t know it’s being done.”

Here’s how companies can address those concerns:

Realize that GDPR actually simplifies current data regulations: From the moment that the final GDPR requirements were released last year, the majority of press and commentary has been designed to scare email senders, focusing on the burden of compliance and the (admittedly massive) fines and penalties for noncompliance.

In reality, GDPR is built upon the long-standing Data Protection Directive, an important component of EU privacy law. Out of this 1995 law came a wide variety of rules and regulations across Europe—requirements that are often inconsistent between countries, and that global senders are already required to follow. GDPR brings consistency to privacy laws across Europe, and should actually make it easier to do business in today’s global digital economy.

Recognize GDPR as an opportunity: GDPR compliance will require a thorough review of data handling and processing procedures. This presents a great opportunity to review and map your data flows and, if necessary, restructure them—not only for compliance purposes, but also to improve business efficiency.

A recent Veritas study shows that 85 percent of all data stored by companies is redundant, obsolete, or trivial, and the cost of server space and other resources needed to manage this data is immense. Preparing for GDPR is an opportunity to trim the fat.

Respect the critical nature of consent: In terms of consent, GDPR simply formalizes the respect for consumer privacy rights that any responsible company already has. Any data for an email panel (or any purpose, really) should be collected only with the consumer’s express, unambiguous, and informed consent.

In addition, this data should only be used in an aggregated, de-identified, and pseudonymized fashion. This is simply good business practice, not only because it ensures compliance with GDPR, but because it results in better leads, higher conversion rates, and better relationships with your clients.

Be ready for change: As uses of data change, firms should be prepared to update their privacy policies and panelist permissioning processes to ensure that consent includes these new uses. Continue to operate with transparency about the information that is collected: how it is used, shared, and protected, and what choices panelists have in sharing their data.

While GDPR certainly requires preparation and careful consideration, there’s no need to panic. Email panels are not being targeted for extinction, and remain an essential tool for email marketers. It would be a pity if a few scary headlines were to change that.

This article originally appeared on Media Post.

minute read

Popular stories



BriteVerify email verification ensures that an email address actually exists in real-time


The #1 global data quality tool used by thousands of Salesforce admins


Insights and deliverability guidance from the only all-in-one email marketing solution

GridBuddy Cloud

Transform how you interact with your data through the versatility of grids.

Return Path

World-class deliverability applications to optimize email marketing programs

Trust Assessments

A revolutionary new solution for assessing Salesforce data quality


Validity for Email

Increase inbox placement and maximize subscriber reach with clean and actionable data

Validity for Data Management

Simplify data management with solutions that improve data quality and increase CRM adoption

Validity for Sales Productivity

Give your sales team back hours per day with tools designed to increase productivity and mitigate pipeline risks in real-time