Email Marketing Rules and Regulations Surrounding Email Solicitations
The excitement of starting a new business and receiving that first customer is not a one-size-fits-all feeling. Depending on the service or product that is offered, the email marketing solution or product that is delivered can bring a full bag of emotions, with a sense of accomplishment and worthiness that cannot be taken away or diminished. That is, if the business conducted its email marketing solicitations within the set rules, laws and regulations, primarily those for email.
Using the most effective channel to conduct business is a no-brainer. People check their email constantly, as it is right at their fingertips. However, ensuring that your email marketing campaigns follow the rules is of the utmost importance.
The CAN-SPAM Act of 2003 (enacted in 2004) in the U.S. is a set of laws that legislate requirements on how business can be conducted through electronic mail (email). The regulations also spell out how the business should give recipients the right to opt out of receiving emails and what the penalties for violations are.
It is important to note that the law does not just apply to mass emails; it covers all commercial emails, defined by the law as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” which includes solicitations, including unsolicited emails, that promote content on commercial websites.
The CAN-SPAM Act can be broken down to the following main requirements:
- First and foremost, you must have permission from your recipients to send messages. There are two kinds of permission that fall within the law: implied and expressed. Implied permission covers those with whom you have a business relationship (customer, active subscriber, etc.). Expressed permission is granted when someone specifically gives permission to send them information regarding new email campaigns (subscription form, newsletter, etc.).
- No false or misleading header information. The information in the “From”, “To”, “Reply-To” sections and the routing information (domain name and email address) must be accurate and confirm the person or business who sent the message.
- No deceptive subject lines. They must accurately reflect the content of the message.
- The message must be identified as an ad. There is slight leeway in how this can be accomplished, but it must be clearly and conspicuously stated that your message is an ad.
- The message must include a physical registered address through the U.S. Postal Service, or a private mailbox registered with a commercial mail receiving agency under Postal Service regulations.
- Opt-out instructions. The email content must include a clearly and conspicuously stated explanation of how the recipient can opt out of receiving future emails from your business. This can be done through different type and color treatments and messaging (menus, reply instructions, etc.).
- Honor the opt-out requests within the next campaign cycle. If users have chosen to not receive any further communication from your business, honor these requests promptly, usually within 10 business days, collecting no fee or any personally identifying information beyond just their email address. Furthermore, once they have chosen to stop receiving communication from your business, you are unable to sell or transfer their email address.
- Maintenance of information. The law clearly states that even if another company handles your email marketing, the legal obligations still stay on your shoulders and are your responsibility. Note, penalties will be sent to both
It is important to note that the CAN-SPAM regulations above also apply to newsletters and other types of marketing or promotional announcements that your business will be sending. However, transactional emails are exceptions to the regulations stated above. These include order confirmations, password or username information, shipping orders, etc., because these are emails that contain content about an active membership from a current customer or an existing order from a business.
Outside the US
In 2016 (enacted in 2018), the European Union passed the EU General Data Protection Regulation (GDPR), which has brought the biggest amount of change to how data is handled across every sector of the internet. As the internet grows, so do the challenges of keeping personal information safe. The EU GDPR was designed to keep users in control of how their personal data is used and to ensure that businesses start on an even playing field. This applies even to companies outside of the EU, as they must adhere to the same rules as European countries if they are offering goods or services to those within the EU.
Personal data under the EU GDPR is considered anything from names, photos and medical information to even the user’s IP address. Users also have the right to request from the company how and where their data has been used.
Data processing under the EU GDPR is considered, “processing of personal data wholly or partly by automated means as well as to non-automated processing, if it is part of a structured filing system.” This includes: payroll, general access to a contact database containing personal information, posting a photo online, promotional emails (which will also have to comply with the EU rules in the ePrivacy Directive, which are similar to those found in the CAN-SPAM legislation).
Careful examination of the laws of the country where your operations are headquartered, and also of those where business is conducted, is crucial to avoid violations. Thoroughly researching the regulations that surround the operations of your business and how communications are marketed to your audience will be extremely beneficial to the long-term strategy of your company.
By consulting with Colleen Eakins Design, we can help not only with sourcing the email marketing software tool best for your company, but also with creating those campaigns to continue to build your customer list the correct way.