Kajabi, You, and the GDPR

As a Kajabi customer and a member of the online “Knowledge Commerce” revolution, you have the unique opportunity to reach people in Paris, France, even if you live in Paris, Texas…or reach out to Athens, Georgia, from Athens, Greece!

No doubt about it, this worldwide marketing potential represents additional and growing income for many of you. As a result, no matter where you’re located, you’ve probably heard a lot by now about the EU GDPR (General Data Protection Regulation) which requires compliance by May 25, 2018.

Kajabi’s #1 core value is the #KajabiHero; you, our customers. We’re not only committed to the compliance of our platform for our own needs but yours as well. We’ve got your back!

Does the GDPR Apply to Me?

Many of you don’t live inside the EU, so it’s only natural to wonder, “How does this apply to me?” We emphatically encourage all our customers, just as Kajabi does, to answer this question with “Yes”.

Whether one of your subscribers signed up from their home in Dublin, Ireland, or while vacationing in Honolulu, Hawaii, you’ll have reassurance knowing your business is compliant and will maintain its reach worldwide safely and responsibly.

How can the GDPR Benefit Me?

In a word, “trust”. Many of you have likely witnessed in recent days the fallout that can occur when companies breach the trust of their valued customers in the oversharing and careless handling of data.

Stock shares can fall. People will unsubscribe. And worst of all, many will cancel and delete their accounts. The end result of this is all the same: a damaged reputation for the business and a loss of trust.

The opportunity provided by the GDPR is the cure to this. By reminding us and providing a framework for building more trusted relationships with people, we’re all put in a better position to maintain and build opportunities with our respective customers. The outcome from this can be fantastic!

Think about it:

  • A trusting customer is a returning customer.
  • A more trusting customer is more likely to open, read, and act upon your emails.
  • And most importantly, they’re far less likely to consider your mailing unwanted, or worse yet, report it as unwanted spam.

Your customers want to continue to trust you, and the GDPR is here to help guide you.

Great, I’m on Board! What is Kajabi doing to help?

Kajabi has and will always be committed to the security, safety, and compliance of customer data and its use.

To further bolster this, keeping the GDPR specifically in mind, Kajabi recently paid for and completed a Data Protection Impact Assessment (DPIA) to make sure we could close the gaps as necessary and ensure we all can remain compliant in advance and beyond the May 25, 2018 deadline.

Additionally, we’ve engaged legal counsel to guide us in moving forward with these efforts. With our “Forwarder” development cycle kicking off, we’re seeking to complete the remaining pieces to ensure this compliance.

With your (eager) permission, we’d love to share with you a list of some of the things we're going to complete in “Forwarder” which we’ve specifically added for GDPR compliance of not only our business but yours:

  • Complete internal documentation and training using the results of our DPIA as a checklist.
  • Aggregate contracts with 3rd party vendors as required by law.
  • Provide you with detailed instructions on our help site about building GDPR-friendly opt-in forms using checkboxes for “active consent”.
  • Convert the signup for Kajabi itself to use a checkbox for “active consent” to receive email marketing messages from us.
  • Add the ability for you to delete Affiliate Users. Not only does this help you keep your affiliate system clean, but gives you the ability to service deletion requests as required by law.
  • Rollout our double-opt-in email subscription verification feature, to provide you an additional layer of verification that people want to hear for you.
  • Remove rarely used analytics services from the Kajabi /admin itself.
  • Document our database backup retention strategy as required by the regulation.
  • Remove non-compliant opt-in choices from Kajabi checkout settings for member checkout.
  • Complete internal additional security training and impart an understanding of what’s required of us. 

We want you to rest assured in knowing that GDPR isn’t a destination, it is more of a process and a mindset. Beyond the May 25 deadline, we at Kajabi are dedicated to analyzing new features in light of these new requirements and documenting their development in compliance with the regulation.

Not only that, but we’ll continually revisit existing features and functionality to close any new gaps we may become aware of as the regulation fully rolls out and enforcement begins.

What can I do next?

Because we want to make this as easy and seamless as possible for you, we’ve put together a few simple action items you can take today to ensure you’re ready.

  • Consent Compliant Forms: Creating clear and direct opt-in forms will go a long way in ensuring your GDPR compliant. You’ll want to use checkboxes allowing your subscriber to indicate that they understand exactly what to expect from you by opting into your list.
  • Unsubscribe Option: With every communication, you send out it’s always important to give your subscriber an option to unsubscribe and remove themselves from your mailing list. Whether it’s through an “unsubscribe” link in the footer of your email, or done in some other way, it needs to be there and clearly identified.
  • Speedily Handle Data Requests: Any applicable circumstance in which a subscriber requests that their data or information be deleted, removed, or modified in some way, it is now critical to comply with that request as immediately as possible.
  • Using Data As Promised: When sharing or transferring subscriber data, approval is always needed. In most cases, if they opted in through a Kajabi form, they’ve already agreed to the permission terms built right into the page. But be sure to embed that same language into any additional list building pages.
  • Privacy and Terms Page: Another common yet sometimes overlooked need is making sure your site contains a privacy and terms page summarizing how you use the data which you collect.

Again these are just a few simple actions you can take today to ensure you’re completely covered moving forward. As new requirements are made we’ll be sure to update you and provide step by step general instructions.

The GDPR goes into effect on May 25, which is still plenty of time to get ready. If you have any questions that aren’t answered here feel free to reach out to us! We’d love to help.