All posts by Annabel Youens

Annabel Youens

About Annabel Youens

I'm a co-founder and CMO at AE. I believe that truly successful internet businesses have to connect people. {wave} When I'm not online I'm exploring beautiful Vancouver Island. Things I love: everything scifi, literary fiction, coffee, Google Music, my workhorse sewing machine and board games.

This post is part of our series: Find Out Fast If Your Business is GDPR Ready. Our goal is to help businesses make sense of privacy and data. AE is your Babel Fish for Legalese 🐠

Why should you use Double Opt-In?

Double opt-in is an important way to get your customer to explicitly agree to joining your newsletter. If you’re focusing on being GDPR compliant, you’ll need to get your customers to say yes not once, but twice. Yep, they really want your newsletter and that is a great thing for you.

What is Double Opt-In?

The process of double opt-in

“Double opt-in” is when a user:

  1. Signs up to receive your emails
  2. Receives a confirmation email from you
  3. Clicks a link to verify their email and reaffirm that they wish to receive your e-newsletter.

Double opt-in is great because it ensures that everyone receiving your emails is actually interested in reading them!

How to Set Up Double-Opt-In

You can set up double opt-in using any email newsletter provider. We really like MailChimp. Here’s what they have to say about double opt-in and how to set it up using their service.

If you’d rather explore other options, here’s a list of some more providers you can try out:

To fully understand what’s happening in the world of GDPR and customer data, you’ll want to have a grasp of what web beacons and cookies are and how they work. Here’s our quick breakdown.

Web beacons and cookies are part of customer data collection and are important to understanding GDPR.
Beacons and cookies and web, oh my!

Web Beacons

Web beacons are often referred to as pixels that get tracked. They are small transparent gifs that live on websites.

When you visit a webpage that has a beacon, you download the pixel. Now the site with that beacon knows things like your IP address and your country.


The information gathered by the web beacon is usually paired with a cookie, so now the business knows you visited and they can re-target you specifically with ads. We all know those annoying ads you see over and over. I looked at that luggage website for 5 seconds and now all I see is ads for rolling suitcases.

Cookies are usually used to help your browser remember you’ve been there before by storing your account information. For example: you log into Gmail in the morning, around lunch you close your browser, you come back to your Gmail page in the afternoon and you’re already logged in. Cookies don’t normally store any personal information about you, so you can’t be identified by it.


This post is part of our series: Find Out Fast If Your Business is GDPR Ready. Our goal is to help businesses make sense of privacy and data. AE is your Babel Fish for Legalese 🐠

What is a Privacy Policy?

Simply put, a Privacy Policy is a document that tells your customer what data you’re going to collect from them, how you’ll use it and who you’ll share it with.

Why You Need a Privacy Policy

If you have a business website, you should have a Privacy Policy. It’s important that your business models best practice, plus it’s likely that you’ll need one to meet your online legal requirements.

Take heart.💌 It doesn’t have to include swaths of pages of legalese. In fact, the more straightforward and simple you can make your Privacy Policy, the more your customers will trust you.

Great Examples of Privacy Policies

Writing a Privacy Policy can be awfully dry. We’ve collected a few examples of companies who have added personality to their boring documents, and managed to make them more interesting — even friendly. Almost as though you’re talking to their best customer service reps.  

Xero has a great privacy policy.

We’re huge fans of Xero and their Privacy Policy is clear and to-the-point. Marvel in its readability!

Typeform has a great privacy policy.

Typeform have, of course, used a form to display their Privacy Policy as well as their terms and conditions. Do check out their plain English version. It rocks.

MailChimp has a great privacy policy.

MailChimp has done a pretty good job as well on their Privacy Policy. They deal with a lot of customer data and have clearly marked out how they use it.

HelpDocs has a great privacy policy.

We love the fellas at and we use their service. They also break down the complex world of privacy well.

We think AE's Privacy Promise is a pretty great example of a privacy policy too.

We’re pretty proud of the work we’ve done on our own Privacy Promise.

Some Helpful Resources For Writing a Privacy Policy

The DMA (Data and Marketing Association), based in New York describes the outline your Privacy Policy should follow in their post How To Construct Your Privacy Policy.

Here’s what they recommend including:

  1. Contact Information
  2. The personal data you collect and use
  3. Whether you use cookies
  4. What kind of information will be shared with 3rd parties
  5. Marketing Preferences
  6. Review and Changes
  7. Notifications
  8. Security
  9. Enforcement
  10. Changes
  11. Effective Date

There are even several privacy policy generators available online. These can be helpful to get you started, but always get actual legal advice so you know you are covered.

Here are a few privacy policy generators you can check out if you’re interested:

How to Explain AE’s Service in Your Privacy Policy

To help you construct your own policy when you’re using AE Connect, it’s important to know several things:

What Data Does AE Collect?

The short answer is, it’s different depending on the service your customer registers with. We’ve broken down the information AE collects by service to help you fill in your Privacy Policy more easily.

Does AE Use Cookies?

The short answer is yes. Check out our Web Beacons and Cookie Guide.

AE’s Privacy Promise

We deal in customer data every day. We know the companies who work with us trust us to keep their data secure and private. This is a huge deal to us and we don’t take the job lightly.

We have a Privacy Promise that outlines how we collect data and what we do with it. It’ll probably give you some ideas for your own.

Best of luck writing your own Privacy Policy. Of course, we always recommend you have the Privacy Policy you come up with reviewed by a smart and trustworthy lawyer.


This post is part of our series: Find Out Fast If Your Business is GDPR Ready. Our goal is to help businesses make sense of privacy and data. AE is your Babel Fish for Legalese 🐠

My brother’s left Facebook. My dad is getting ready to leave the blue F. I feel pressure to leave it as well. Why? Because I know Facebook is making money off my data and I don’t feel like I get a lot of value from the platform. Plus I’m crazily annoyed by the “sponsored posts” thrown into my feed. Facebook has turned into 80s TV programming. The shows you want to watch are surrounded by loud ads and other ridiculous shows that you have to sit through, to get the content you care about.

I care deeply about technology’s effect on our world. I may be a marketer — but first, I’m a person. I have a complicated relationship with online data.

Here’s a look at data from this marketer’s point of view: the dark side, the light side, and the potential for a better future together.

Why I Still Use Facebook

There are two sewing groups on Facebook that I’m incredibly involved in. These communities live inside Facebook and are filled with kindred spirits that help me figure out how to sew a french seam (leveling up!) and give me fitting advice. I love the value I get from these two groups. They just happen to be on Facebook.

I also have a young daughter. Our family and friends are spread out around the globe. And yes, Facebook is an easy sharing platform for photos.

As a marketer, I also need to stay on Facebook to see how companies are building communities, promoting their products and learn about the new tools Facebook offers for advertising.

When I take a high level view of my Facebook use, I basically use it for photo sharing and forums.

Why I Value Google

The other side of my digital coin is my complete and absolute surrender to Google. I use Google for almost everything: email, documents, photos and music. Why? Because Google makes my life easier and presents me with useful information, like when I should leave for a meeting or if my flight has been delayed. And all my services are synchronized so that I’m not logging out and logging into different apps and services all the time.

Having most of my digital content integrated with Google means I can view the photo album I have shared with my husband, plus it’s easily shared with other family members on Google… But they’re not all there and that’s the crux of any sharing platform.

We even have a Google Home mini in our kitchen that gives me news in the morning and makes it Google-easy to start a new podcast while I’m baking. No more flour all over my phone!

The Dark Side and the Light Side of Data

Recently when I tell people that I co-founded an insights company that uses customer data to deliver better experiences their reactions have changed. At the moment I get eye-rolls 🙄 and scrunched up foreheads. Fair enough. Data is seen as the dark side of the internet at the moment.

But like every industry there are companies that have bad practices and ones that have good practices. I started thinking about the Empire of Data and the Jedi Order of Data when the lovely Manoush Zomorodi (she is my podcast BFF) and her team at Note To Self released an episode called “Deep-Dark-Data-Driven Politics”. It was the first time I heard the words Cambridge Analytica and I learned about the personal data they’d collected from Facebook.

Over on the Dark Side you have data companies scrapping the internet, gathering all the customer data access points they can and then selling this data to other companies. Boo!!

On the Light Side you have data companies that get specific opt-in from customers and clearly tell them what they’re going to use their data for. Opt-in is like a digital handshake that lets the customer say, “Hey, here’s some of my data” and the company says “Thanks. We’ll keep it safe and use it to make your life better.

That’s what I feel like I’ve done with Google. My life is made better by their service and in return I give them access to my data.

As for Facebook I’m not convinced we’ve had that digital handshake. And with all their customers realizing how their data is being used on that platform it’s going to have to evolve or die. These mammoth social services look too big too fail, but they all come and go. Remember your first friend Tom on this social network that used to be the go-to social networking site? You might not.


Read more about Data Privacy:

Every two years, Jeff and I try to visit our Enterprise clients. For this reason, traveling has become a constant part of our lives as co-founders. To be honest, when I first started traveling for work, it felt rather glamorous. Now it’s just a fact of our business lives. (Jet lag is no laughing matter!)

One of the reasons we make time to travel is that it’s so nice to meet clients in person. Sometimes I talk to people over email for years before I finally get to meet them in person. It makes the biggest difference to see someone’s smile and hear their voice. I also love seeing people’s personalities come through in how they sit, how they laugh, and what they wear.

I’m not a huge fan of the term “building relationships” because every marketer tosses it around, but that’s exactly what these trips do. I get to know people beyond their email addresses and their product needs. I hear about a recent vacation to Italy, find out what it’s like to be an empty-nester, and learn where to find the best coffee in the area. It’s a great reminder that we’re all unique people and we all want to be understood.

Our recent trip over the Atlantic took us to the UK.

Appreciation Engine co-founders Jeff Mitchell and Annabel Youens in the UK.
Co-founders Jeff and Annabel take a rainy selfie in the U.K.

On this trip, I finally got to meet members of the French team from one of the major labels we work with. It felt like meeting old friends… ones I’d never met before.

Jeff and I visited a number of record label offices. We caught up with technical partners and visited new media companies we are just getting to know. There was a lot of discussion around data privacy, the upcoming GDPR regulations  — and not to mention, how on earth did Cambridge Analytica get access to all that data?

Our clients’ data security is always top of mind for us. Finding insights in customer data is what we do, but we’ve never engaged in scraping data. We have a strict policy of being transparent about what we use and why we use it. In the end, our insights are meant to increase trust between companies and their customers. Our social login tool is a digital handshake that lets the customer say, “hey, here’s some of my data” and the company says “Thanks. We’ll keep it safe and use it to make your life better.” Data insights can be used to send you better offers, recommendations, and tailored content. Wouldn’t you love getting emails that talk about exactly what you’re interested in?

Data & Privacy: Where do we go from here?

Our discussions about customer data in the EU vs. in the US got me thinking about how to help my fellow marketers make sense of what’s going on with data privacy right now. At the moment, I’ve got a bunch of arrows, lines, and scribbles written down on a piece of paper. I’ll be transforming it into something you can use to make decisions and build better privacy practices for your company. Stay tuned — you’ll be the first to know when our data and privacy flow chart is ready.


Appreciation Engine co-founder and CTO Jeff Mitchell having a pint in London.
Co-founder and CTO Jeff enjoys a pint in London.


Want to learn more about data privacy and GDPR?