Whatever you do, do not ask subscribers to your company's newsletter to confirm their consent due to GDPR! You’ll probably end up either losing a large proportion of subscribers or standing in a grey zone.
In the period up to May 25, 2018, many Danes' inboxes were bombarded with mails from companies from whom they had opted to receive newsletters, asking that they confirm their consent under the GDPR. The problem is that the personal data regulation has never said that companies should ask their subscribers whether they will continue to subscribe. And furthermore, asking arouses suspicion that the company is in doubt as to whether it was legally authorised to send newsletters in the first place.
Certainly, consent to newsletters means that the company must make it loud and clear to the user what they agree to receive, and it should always be possible to unsubscribe from the newsletter. Consent can always be withdrawn.
The problem for the businesses that send confirmation messages to their subscribers is that, thereafter, they may neither send newsletters to subscribers who have refused to receive newsletters nor to those who do not respond to the mail. By asking, you have cancelled the prior consent, as they now have to take a position on whether they will continue to receive the newsletter or not.
And if you are or were in doubt that you have the consent of newsletter recipients, there is no other choice than to delete the contacts. But this actually has more to do with marketing rules and spam rules rather than GDPR. You should always have had consent to send newsletters.
Therefore, if you already had valid consent from a person to send newsletters, do not ask again and you can continue to send your exciting newsletters to subscribers.