What is a consent refresh strategy?
Still have a question, spotted an error, or have a better explanation or a source we should cite?
You've been sending to some of these contacts for years. But do you actually know if they still want to hear from you? More importantly, can you prove they ever properly agreed to receive your emails in the first place? That's exactly what a consent refresh strategy is designed to handle.
A consent refresh strategy is a planned process for periodically re-confirming that your subscribers still want to be on your list. It's not a one-time emergency fix. It's a deliberate part of how you manage your program over time, especially when original consent is aging, was collected under looser standards, or can't be clearly documented.
There are some common situations that should trigger a consent refresh campaign. Regulatory shifts are a big one. When GDPR came into force in 2018, companies worldwide scrambled to send re-permission emails to their EU contacts because older consent records simply didn't meet the new standard. Inherited or acquired lists are another trigger. If you've migrated to a new ESP or absorbed a contact list from another source, there's a good chance the consent documentation didn't come with it. Long-term inactivity is also worth flagging. Contacts who haven't opened or clicked in 12 or more months are both a deliverability risk and a consent question mark. And if you're planning a significant change to your email program (new content types, a different sending frequency, expanded data usage), refreshing consent before that change protects you and respects your subscribers.
Some senders build a regular refresh cycle into their calendar regardless of external triggers, re-confirming consent annually or every two years. It's worth knowing that regulators in different jurisdictions take different views on how long consent stays valid, so what counts as "fresh" depends on where your subscribers are located. (If you're unsure what rules apply to your list, that's a good reason to talk to someone who knows your specific situation.)
When you run a refresh campaign, the framing matters. You're essentially asking people to opt in again. Lead with the value they'll keep receiving. Give them easy control over their preferences. And accept upfront that a meaningful portion of contacts won't respond or will unsubscribe. That attrition is uncomfortable, but it's healthier than carrying legally uncertain contacts who will never engage anyway.
One practical note worth remembering. The refresh campaign itself relies on the existing (possibly weak) consent you already have to send one more message asking for proper consent. That message still needs to comply with current regulations. It can't be a workaround.
If you're dealing with a messy legacy list and aren't sure which contacts need refreshing, cleaning it first helps you start from cleaner ground. RME Clean can flag which contacts are worth including in a refresh campaign at all, so you're not wasting effort on addresses that were never going to convert.
Contributors
Who worked on this answer
Every name links to their profile. Every company links to their site. Real people, real accountability.