Disclaimer – We are not providing any legal advice or consultation pertaining to GDPR or other compliance issues. Please consult with your legal teams and resources to ensure they are aware of their obligations under applicable regulations.

GDPR applies to anyone living in an EU member state and any organisation doing business with them (even if the organisation is outside of the EU). The GDPR replaces the Data Protection Directive and comes into effect on May 25, 2018.


  • Give EU citizens insight into the data collected about them and control over how it is used
  • Clarify and simplify the legal expectations for businesses
  • Create a cohesive EU data law for all member states
  • Improve compliance

GDPR has become strict with the definition of consent and ‘opt-out’ consent will no longer be sufficient, all individuals must actively opt-in. The GDPR rules that consent must be freely given, specific, informed and unambiguous thus allowing individuals to know how their data will be processed BEFORE any processing can take place. Once an individual has given consent they still have the right to withdraw this at any point and organisations need to be able to comply with this request.

Act-On has developed a guide to enable users to manage consent for GDPR, listed below are items that are covered:

Capturing consent for web tracking

Organisations have the ability within Act-On to track and analyse the individuals’ web activity. With the implementation of GDPR, individuals must be given the opportunity to opt-out of being tracked. Act-On has made that change easy.

Capturing consent via double opt-in

GDPR dictates that before you can market to individuals, organisations must gain permission via a closed loop or double opt-in. Essentially, this reconfirms that the individual really does want to opt-in to receive communication. Act-On has made it simple to create double opt-in forms which can then be used as a filter in the master list to act as proof of consent.

Managing withdrawals from your database

Under GDPR, individuals have the right to not only withdraw consent but to be completely removed from your organisations’ database. Act-On has made this process easy by allowing you to segment the master list to remove individuals that have withdrawn.


Chloe is Sugabytes Customer Success Manager. Ensuring our existing customers of Sugabyte continue to be successful using SugarCRM.