Skip to main content

Get the job done with a pro

From training to full-service marketing, our community of partners can help you make things happen.

Hire A Partner

Collect Consent With Popup Forms

Copy Article URL
Copied

When collecting personal data for marketing, like email addresses, through a Mailchimp popup form, it's important that people give their lawful consent, especially for those in the European Union (EU). The General Data Protection Regulation (GDPR) has strict rules about consent. This article will help you set up a GDPR-compliant popup form. We provide the tools and best practices, but you're responsible for ensuring that your popup forms copy and design comply with GDPR requirements and other relevant privacy laws.

In this article, we'll show you how to collect consent with Popup forms.

What Does GDPR Say About Consent?

The GDPR defines consent in Article 4(11) as:"‘Consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her."

In additon, Recital 32 clarifies:"Consent should be given by a clear affirmative act establishing a freely given, specific, informed and unambiguous indication of the data subject’s agreement to the processing of personal data relating to him or her, such as by ticking a box when visiting an internet website... Silence, pre-ticked boxes or inactivity should not therefore constitute consent." But this doesn't mandate a checkbox.

GDPR requires that consent be:

  • Freely given
    Not coerced or tied to unrelated benefits.
  • Specific
    Clearly tied to the purpose (e.g., email marketing).
  • Informed
    Users know what they’re agreeing to. They must also know how to unsubscribe.
  • Unambiguous
    Expressed through an active choice, not pre-checked boxes or implied agreement.

Making your popup GDPR-friendly

Follow the guidance below to make sure your popup form is GDPR-friendly.

(1) Ensure Opt-In with Clear Consent

  • Popup Copy
    Enter your email to subscribe and receive 10% off."

  • Setup
    Use the default email subscription field. When users enter their email and submit, this can be considered a "clear affirmative action" under GDPR, as long as:

    The purpose (email subscription for a discount) is specific and obvious.
    Users aren’t misled about what they’re signing up for.

  • Why It Works
    When users actively provide their email addresses, they expect the stated benefit in return. Make sure to link your privacy policy and explain how their data will be used.

(2) Add a checkbox for consent (Optional)

  • If you want to make the consent more explicit (or if you’re combining for multiple purposes), you can add a checkbox.

Best Practices

  • Keep language simple and specific.
  • Link to your privacy policy near the popup for transparency.
  • If you require consent for an action, like subscribing, make the checkbox required. When set to required, the step won't capture the email if the box isn't checked.

How to add checkbox fields on a popup form

To add checkbox fields to your popup form, follow these steps.

  1. In the popup editor, click add new element and go to User Input.
    popup-consent-add-element
  2. Drag and drop the Checkbox Set below the email input field. Update the text next to the checkbox to say:"I consent to receive email marketing from [Your Company Name]." Ensure the checkbox is:
    • Not pre-checked
      GDPR prohibits pre-checked boxes.
    • Required
      If you require consent for an action, like subscribing, make the checkbox required. When set to required, the step won't capture the email if the box isn't checked.
      popup-consent-individual-checkbox
  3. Update the copy of your new checkbox element to further clarify consent, eg: “I consent to receive email marketing
    popup-consent-email
  4. Map checkbox Set to a group, so that you can segment users who check the box.
    popup-consent-map-checkbox

If you’re in the UK, visit the ICO’s website to learn more on what counts as consent.

Your Responsibility

While Mailchimp provides the tools to create GDPR-friendly popups, you must ensure your popup’s copy and design comply with GDPR or other applicable laws.

For example:

  • Clear Consent
    Enter your email to subscribe and get 10% off" should be sufficient for a single purpose. However, if you're unsure, it's best to consult with a legal professional in your country.
  • Complex Cases
    If you add multiple purposes (e.g., marketing emails and data sharing), separate consents may be needed.

Need More Help?

  • Contact Mailchimp Support Options for technical assistance with popup setup.
  • For legal advice, consult a qualified professional familiar with GDPR and your jurisdictio

Technical Support

Have a question?

Paid users can log in to access email and chat support.

Was this article helpful?