What’s the difference between subscriber data and consent metadata?

Subscriber data encompasses all the information you hold about a subscriber: their email address, name, demographic information, preferences, purchase history, engagement metrics, and any other profile attributes. This is the operational data you use to segment audiences, personalize content, and analyze campaign performance. Subscriber data directly enables your email marketing activities and represents the information the subscriber shared with you or that you collected through their interactions.

Consent metadata is the documentation about the consent itself-proof of when, how, and under what terms the subscriber agreed to receive communications. This includes timestamps, opt-in source URLs, IP addresses, the version of consent language displayed, and records of any subsequent preference changes or consent withdrawals. Consent metadata doesn't describe the subscriber; it describes the permission relationship between you and the subscriber. It answers questions like "Did they consent?" "When?" "To what exactly?"

The distinction matters for data retention and deletion requests. When a subscriber requests deletion under GDPR's right to erasure, you typically must delete their subscriber data. The upersonal information and profile attributes. However, you may retain consent metadata (in minimal form) because it serves a compliance purpose: proving you had valid consent when you were sending to them, and maintaining suppression records to prevent re-contact. The consent metadata transforms from permission to process into evidence of past lawful processing. Subscriber data tells you who someone is; consent metadata proves they let you contact them-both are essential, but they serve different purposes and follow different lifecycle rules.