Voyado Engage

Search

Double opt-in

A double opt-in is where a contact must confirm their sign-up for marketing communication and/or membership. It basically makes signing up into a two-step process.

First the contact signs up, maybe at the checkout, using their email address, causing the standard preferences to be set. An email is then sent, containing a link. The contact needs to actively click this link, causing the additional double opt-in consent to also be set. Only then should they be included in any email send-out, and it's up to the Engage admin to confirm this before including them.

Why double opt-in?

Using double opt-in increases the chances that only interested customers receive marketing information. It also protects your sender reputation, since now only real email addresses will be included in send-outs.

Another reason is GDPR. As a data controller you are responsible to ensure that you only process correct personal data and that you have a legal basis for doing so (for example, consent) and that the applicable individual has been informed of the processing. This might be difficult to ensure without double opt-in.

Working with double opt-in

If you are using Engage’s double opt-in solution as described here, there are important considerations to keep in mind. The double opt-in process alone does not automatically shield a contact from further communication. It still remains your responsibility to ensure that communication only occurs with contacts who have explicitly provided their consent.

Consider a scenario: 

  • Your systems requires a contact to take an action to accept communication (such as clicking an email after signing up, which is double opt-in).
  • Two new contacts then sign up for your loyalty program and receive the initial confirmation email containing the double opt-in link. 
  • One contact clicks the link, confirming their consent as "true." The other contact however ignores the email and, therefore, has not given their consent.
  • Both contacts, even though one has clicked the link and one hasn't, are now part of your contact base and can potentially receive both welcome emails and regular campaign send-outs. 

So to prevent the contact who has not yet provided consent from receiving communication, it's essential to factor in double opt-in status whenever a sendout is being done. There are several ways to do this, such as including segments or target audiences that only include contacts with a "true" consent status. 

Remember to incorporate these consent criteria into your automations.

Example 1 - Classic email editor

A few things are needed in Engage to make double opt-in work in the classic email editor.

A new consent must be added (a custom contact attribute of type "Consent") in Config Hub. Ideally you'll give the consent a name mentioning double opt-in (although that is not obligatory, it just makes it easier to keep track of). Call it doubleOptInConsent for the sake of this example.

Then you'll need an email template that contains a clickable link, as shown here.

On the link you'll need this code that will set doubleOptInConsent and also redirect to the URL specified.

[[CreateSetAttributeLink(doubleOptInConsent, true, 'https://landingpage.com')]]

Finally you'll need two automations set up. One will use the "New contact registered" trigger that will send the email using the template you set up in the previous step. The second will use the "Approved consent" trigger, filtering for your doubleOptInConsent consent. This automation is triggered when the link is clicked and the consent is set. Here is where you can send your "Welcome on board!" email.

Here's an example of the flow in action:

  1. A contact signs up at the checkout and indicates which communication they want to receive. Based on that, the standard preferences ("acceptsEmail", "acceptsSms", "acceptsPostal") are set when the contact is created Engage. But doubleOptInConsent is not set yet.
  2. The contact's sign-up is picked up by your "New contact registered" automation, which sends an email to the contact's address, using the template you made above.
  3. Once the link in the email is clicked doubleOptInConsent is set to "true" and the contact is redirected to the URL specified. A welcome email is sent.
  4. Now when you as the Engage admin want to do an email send-out, you'll need to confirm that all contacts included have not only "acceptsEmail" set to true (as usual) but also that doubleOptInConsent is true for them.

Example 2 - Design Studio

In the Design Studio email editor, the special link functionality (CreateSetAttributeLink) is no longer used. Instead, the consent is updated directly inside the automation using the "Set consent" activity, which gives a more controlled double opt-in process.

In Design Studio, the link itself does not automatically set the consent. Instead, consent is managed in the automation that's triggered after the link is clicked.

In this case, here's what you do:

First, just like in the classic editor, create a new consent attribute (type “Consent”) in the Configure Engage area. Call it something like doubleOptInConsent to make it clear what it's used for.

Then create your email template in Design Studio. Insert a normal link that directs the contact to a confirmation landing page, for example: https://landingpage.com/confirm.

Finally you'll build the automation to handle the click, following these steps:

  1.  Use the Start Trigger "New contact registered" which will try to start the automation whenever a new contact is created.
  2. Use the Activity "Send email sendout (Design Studio)" to send the email you created in Design Studio. This will include the CTA button that links to your landing page (as discussed above)
  3. Add a Trigger (with whatever delay you want), choose "Clicked link in email" and set up the rule to match the click link. When it is detected, the automation will continue. 
  4. Now add a "Set consent" Activity and set the value of doubleOptInConsent to "true".
  5. If you want, you can now add another Trigger to send an email confirming the consent was set. 

And here's an example of the flow in action:

  • A contact signs up, and standard preferences ("acceptsEmail", "acceptsSms", "acceptsPostal") are set.

    The doubleOptInConsent value is not yet set to "true" at this point.
  • The automation sends the confirmation email.
  • The contact clicks the confirmation link.
  • The automation detects the click and sets doubleOptInConsent to "true" via the "Set consent" activity.
  • A welcome email is sent (this part is optional).
  • The Engage admin must then ensure that both "acceptsEmail" and doubleOptInConsent are true before including the contact in any future send-outs.

About "Set consent"

The "Set consent" activity is used to update a contact’s consent preferences directly within an automation. Consent changes are logged and can be reviewed in the contact’s profile under the Consent tab.

All consent updates must be triggered by the contact’s own action. Bulk updates should be avoided as they may not comply with GDPR or local regulations.

Email scanners and GDPR

Some email systems scan incoming emails and automatically access any links to confirm they are not malicious. This can cause an opt-in link in an email to be automatically "clicked" before the receiver opens it, generating a false consent.

It is outside of Engage's area of responsibility to guarantee that unapproved consents are not created in this way. It is always up to you as the data controller to ensure that GDPR requirements are met.

There are however solutions to this problem. You can for example:

  • Set up a landing page with a second button to click that gives the actual consent
  • Use a captcha on that landing page to confirm the visitor is human
  • Have a client-side redirect that adds an extra required parameter to the link when it's clicked

Article last reviewed

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.