Double Opt-In best practices

About Double Opt-In

The Double Opt-In system is becoming more and more popular, with multiple brands already implementing it in their online sign-up processes as an extra security layer, especially when implementing Social Login functionality. This process forces users to confirm their sign-up data twice, for various reasons:

- Meet the legal requirements for users' data protection and privacy: the consents required by the applicable data protection laws can be obtained and recorded, so that accessing users' social details and reaching them with commercial communications complies with current regulations.

- Validate the user contact details in order to ensure their quality and validity, resulting in more reliable CRM data which will increase the effectiveness of future support and marketing communications.


Double Opt-In example (Estrella Damm)

Estrella Damm is one of the largest beer companies in Spain, part of Grupo Damm, which comprises the Rodilla restaurant chain, beers like Estrella and Voll-Damm, as well as mineral waters and milkshakes (Cacaolat).

In this example we can see Estrella Damm's website sign-up process with the Double Opt-In system, as experienced by a user:

1- The user navigates to the website's home page and decides to sign up:


2- The user is advised to register with her/his Facebook credentials via Social Login:

3- The user is then redirected to Facebook, where she/he is prompted to consent to sharing her/his Social Profile's data with Estrella Damm:


4- The user has the option to configure which information she/he is willing to share. Facebook will show some examples of the information that will be shared with the Brand.

5- Upon accepting Facebook's prompt for sharing the social media profile with Estrella Damm, the user is redirected to Estrella Damm's website, where the Double Opt-In checkbox is presented in order to confirm the necessary legal consents from the user. This Opt-In form is presented by Estrella Damm, and therefore there is total control over the Terms & Conditions and Privacy Policies that will be made available to the user for approval:

IMPORTANT: Actual personal data is retrieved from Facebook only after the user has given explicit consent to both Facebook's and Estrella Damm's specific data privacy requirements and policies. This is key in order to ensure that no personal data is accessed or processed before the user provides explicit consent.

6- Upon accepting all terms and conditions and the requested Opt-Ins, and already following the new European personal data privacy policies that will become effective in May 2018 (GDPR), Estrella Damm in this example informs the user in the following screen about the information that has been collected from the user. Xeerpa provides a series of widgets which help provide the user with this required information:


Find out more about GDPR and how Xeerpa helps clients comply with it here.
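
The rule from the IMPORTANT note in step 5, as an added example (not Xeerpa's or Estrella Damm's code): the server records each opt-in decision and refuses to request the social profile until both are granted. All names here (`SignupSession`, `record_consent`, `retrieve_profile`) are hypothetical, and `fetch_profile` is an injected callable standing in for the request to the social provider.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone
from typing import Callable, Optional

# The two opt-ins from the flow above; the names are hypothetical.
REQUIRED_CONSENTS = ("provider_sharing", "brand_opt_in")


class ConsentRequired(Exception):
    """Raised when profile data is requested before both opt-ins are granted."""


@dataclass
class SignupSession:
    provider_token: str                 # token obtained from the Social Login redirect
    consents: dict = field(default_factory=dict)
    profile: Optional[dict] = None      # stays None until both opt-ins are granted


def record_consent(session: SignupSession, name: str, granted: bool,
                   policy_version: str) -> dict:
    """Store an auditable record of one decision, refusals included."""
    if name not in REQUIRED_CONSENTS:
        raise ValueError(f"unknown consent: {name}")
    entry = {"granted": bool(granted), "policy_version": policy_version,
             "recorded_at": datetime.now(timezone.utc).isoformat()}
    session.consents[name] = entry
    return entry


def missing_consents(session: SignupSession) -> list:
    """Return the required opt-ins that are absent or were refused."""
    return [n for n in REQUIRED_CONSENTS
            if not session.consents.get(n, {}).get("granted")]


def retrieve_profile(session: SignupSession,
                     fetch_profile: Callable[[str], dict]) -> dict:
    """Call the provider only when every required consent is on record."""
    missing = missing_consents(session)
    if missing:
        raise ConsentRequired("missing consent: " + ", ".join(missing))
    session.profile = fetch_profile(session.provider_token)
    return session.profile


if __name__ == "__main__":
    s = SignupSession(provider_token="constructed-token")  # constructed sample value
    record_consent(s, "provider_sharing", True, "provider-dialog")
    print(missing_consents(s))
```

Because the check runs inside `retrieve_profile`, an unchecked or later withdrawn opt-in blocks the provider call even though a valid token is already held.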

Conclusion and recommendations

Xeerpa always recommends using Double Opt-In in order to guarantee and record the user's consent to the sharing of personal information, as well as permission to contact the user for marketing communications. In line with the new GDPR regulations, Xeerpa provides a series of widgets and functionalities that help companies comply and implement all the required changes in the sign-in and registration processes.

Please contact us at support@xeerpa.com if you have any further questions.