MailChimp API GDPR Fields

Question

I have a newsletter form with name & email fields, which upon submitting gets sent to /api.mailchimp.com/3.0/lists/####/members using the MailChimp API.

From what I understand, the new GDPR fields that MailChimp have created don't seem to have an associated field tag meaning that they can't be assigned values using the API.

Is there a way to capture the user's consent with my existing form, and match these up to the MailChimp GDPR fields, or do I need to replace my form with a MailChimp embedded form instead?

Answer 1

In the meantime the Privacy Shield has fallen, which makes the storage of European data in MailChimp illegal, or at least questionable. You might want to reconsider your choices. Rocket Genius (MailChimp) is an explicit partner of the Privacy Shield.

See: https://www.cookiebot.com/en/schrems-ii-privacy-shield/

Answer 2

Looks like MailChimp recently added support for their GPDR fields (marketing permissions) using their API. So now you should be able to use your existing form to capture consent.

Are GDPR tools available in the API?

Yes. We've added marketing_permissions as a field with a boolean value, so you can enable GDPR fields and sync contact marketing permissions using the API. To learn more about managing lists with MailChimp API, check out our API documentation.

To comply with requests to fully delete data, you can also permanently delete contacts using the API. After a contact is permanently deleted, they cannot be re-imported.

Source: https://mailchimp.com/help/gdpr-faq/#API

Note that you might want to checkout their docs on proving consent since you will not be using their form.

Answer 3

meaning that they can't be assigned values using the API.

It's actually possible to set the GDPR options values via API for a list member, the only problem is to know the different marketing_permission_ids in advance. One trick though can be to insert the member (or a dummy member) without specifying them, extract such ids from the response payload, and then do a second update call using such ids:

PUT https://usXX.api.mailchimp.com/3.0/lists/{{listId}}/members/{{subscriberHash}}

{
    "marketing_permissions": [
        {"marketing_permission_id": "12a69fa097", "enabled": true},  // 'Email' consent
        {"marketing_permission_id": "d0dc5969af", "enabled": false}  // 'Direct Mail' consent
    ]
}

Answer 4

Still no API for the field as of August 2018,it's very odd. We don't want to bypass it as having the consent is required.

I've seen some Mailchimp apps (such as Optin Cat for Wordpress) get around this by creating their own GDPR field/checkbox but obviously doesn't sync up with Mailchimp.

Answer 5

While waiting for the API to include this possibility.. What I currently do is adding 2 fields to my list - "consent" and "consent date". "consent" stores the exact text used in my consent checkbox (same as mailchimp) "consent date" stores the date the consent was given. This is important since I'm updating subscribers info each time they fill a form and I don't want to lose the original consent date.

Once a visitor has given his consent I'm saving a cookie in order to hide the consent fields next time a form is served to him.

Answer 6

I was having the same issue using the embedded forms from Mailchimp, but found this as a possible workaround, which we have just implemented. So far, I believe this will work for us!

https://getpublii.com/blog/newsletter-opt-in-gdpr-compliance.html

Answer 7

I tried to find the best way to skip the API.

And the best way i found is To use a HTML page where you can put your trackers (analytics, pixel) and what you want. And include a Subscriber pop-up compatible with the GDPR fields.

Answer 8

One of the answers above says "we just have to wait, or switch to the embedded form instead". However, I navigated to this page because I was having a similar problem with the embedded form - I can't see a way of adding the GDPR fields to it. If anyone has a solution to that please let me know. However, if not, I'm assuming I need to wait for the same "fix" as you guys.

On the other hand, the Pop-up sign-up form does have the GDPR fields enabled. Unfortunately that is not suitable for my purpose.

Answer 9

I have the same problem, so I asked MailChimp support, here is the response I got:

Currently API support is not available for GDPR fields. We hope to have this functionality available soon, although I’m not able to provide a time frame. That being said, I’m happy to pass this feedback along to our developers.