Hello,
There is confusing and counterintuitive behavior with how consent is managed through Marketing forms. The logic for both new and existing contacts, especially concerning Double Opt-In (DOI), seems to create significant risks for data integrity and GDPR compliance.
Scenario 1: Form with NO Double Opt-In Enabled
Observed Behavior:
New Contact:
- Checkbox is checked: A new contact is created and is opted-in. (This is expected).
- Checkbox is not checked: A new contact is created and is opted-out.
This is incorrect and problematic. A new contact who simply doesn't check a box has not actively opted out; they have simply not opted in. The system should create the contact with no consent record, leaving them in a neutral, default non-consented state. Creating an explicit "opt-out" record is a destructive data action that was not initiated by the user.
Existing Contact:
- Contact is currently opted-out, and the checkbox is checked: The contact's consent is updated to opted-in. (This is expected).
- Contact is currently opted-in, and the checkbox is not checked: The contact's consent is updated to opted-out.
This is a major issue. For example, an existing subscriber might use a "Contact Sales" form to ask a question. If they forget to re-check the marketing consent box on that form, they are unintentionally removed from all communications. This is not a desirable or logical outcome.
Primary Question for Scenario 1:
Is it the intended system behavior for an unchecked consent box to create an "opt-out" record for new contacts and overwrite the consent of existing opted-in contacts? If so, what is the recommended method to prevent accidental opt-outs and ensure an unchecked box results in no change to consent data?
Scenario 2: Form WITH Double Opt-In Enabled
Observed Behavior:
- New Contact & Checkbox Checked: A DOI email is sent. Upon confirmation, the contact is created and opted-in. (As expected)
- New Contact & Checkbox NOT Checked: A DOI (double opt-IN) email is still sent. Upon clicking the link, the contact is created with an explicit "opt-out" record.
- Existing Opted-In Contact & Checkbox NOT Checked: A DOI email is sent. Upon confirmation, their consent is changed to opt-out.
Questions for Scenario 2:
- Why is a Double Opt-In email sent when the user has NOT opted in? Sending a confirmation email to create an "opt-out" record is illogical, confusing for the user, and goes against the principle of Double Opt-In.
- Why are new contacts not created until after DOI confirmation? The initial submission is a valuable lead, even if marketing consent is never confirmed. We need to capture this contact information immediately upon form submission. Is there a way to enable this?
Scenario 3: Compliance Profile DOI Setting
We have tested the setting: "For new customers only - Do not send DOI email if the mail address already has consent."
Observed Behavior:
If an existing, opted-out contact submits a form with the consent box checked, this setting causes them to be immediately opted-in without receiving a DOI email.
Question for Scenario 3:
This behavior seems to completely undermine the purpose of DOI. A contact who was previously opted-out is precisely the person who should receive a DOI email to re-confirm their consent. This setting should only bypass DOI for contacts who are already opted-in. Is this behavior intentional?
Summary of Core Issues:
- Destructive Consent Logic: Forms actively create "opt-out" records or overwrite existing "opt-in" records when a consent box is left unchecked. This is a critical flaw.
- Illogical DOI Process: Sending DOI emails when contact is not opting in is confusing and incorrect.
- Delayed Contact Creation: Not creating contacts until DOI is confirmed results in lost lead data from initial form submissions.
- Flawed Compliance Setting: The "For new customers only..." setting incorrectly bypasses DOI for previously opted-out contacts, which is a major compliance risk.
The current implementation of consent is far from useful and presents serious risks. We need clarification and solutions for these behaviors.
Thank you.