Before adding new recipients to your contact list, you need to ensure that you have the proper permission for each and every recipient on your list. Why? Without proper permission, you run the risk of getting reported for spam, or worse, being sued or facing monetary penalties under anti-spam laws. The basic principle of permission is that you can only email people who have explicitly given you permission to contact them, and only about subjects that they have specifically agreed to. Failure to ensure that all your recipients fall into the “Acceptable Use” category below will result in immediate termination of your account.
- Explicitly opted in with you online. Each recipient subscribed to your list online and opted in for one or several types of mailings, for example by clicking one or more subject-related checkboxes that were unselected by default. Co-registration on a partner’s site is OK as long as there are separate opt-in options for each list and it is clear to users that they are subscribing to your list. If you haven’t sent the recipient email in over 6 months, we recommend a reintroduction message reminding them what they subscribed to, and when.
- Explicitly opted in with you offline. Recipient completed your offline form, survey or participated in your contest and gave their express permission to be contacted by email about specific subject(s), for example by ticking an empty checkbox.
- Gave you their business card. If it’s absolutely clear that by giving their card the recipient would be added to a list with a particular subject matter, you have permission. We recommend an introductory message reminding them what they subscribed to, and when.
- Explicitly opted in for the subject you are contacting them about. When opting in, it should be clear to the recipient what the nature of the mailings will be. For example, just because someone opted in for updates about a specific product doesn’t mean you can also add them to your general newsletter or promotional mailings for other products.
- You have implied consent through an existing business relationship. You must obtain explicit consent from these recipients within 6 (six) months if they have not effected a purchase with your business or within 2 (two) years if they have effected a purchase with your business.
- Email address copied from the Internet or other source. Just because someone published an email address online, in a directory or on a business card, doesn’t mean they’ve given permission to be added to your mailing list.
- No email sent to recipient’s address in over 2 years. Even when proper permission is granted, it doesn’t last forever. When too much time goes by, people forget they opted in and will consider your email to be spam. The industry norm is that permission expires after 2 years of no contact.
- Email address obtained from a third party. If you purchased, rented, borrowed or otherwise acquired a list from another party, even if it’s an opt-in list, the recipients didn’t give their permission to hear from you specifically.
- Recipient is a customer but hasn’t opted in. Just because someone was your customer doesn’t give you explicit permission to send them email marketing messages. They would first have to opt in for the specific subject about which you are contacting them.
- Email address is generic and used by several people. You cannot email to generic email addresses like email@example.com, firstname.lastname@example.org or email@example.com because they are often role-based and the users of such addresses change frequently. The only exception to this rule would be if you knew the recipient and were sure that it was their permanent individual email address.
- Email address is a distribution list or mailing list. You cannot send email to any address that forwards to more than one person because it is impossible to determine whether all recipients have given permission, and there is no way for them to unsubscribe individually.
Every email you send using CakeMail must include the following:
- A unsubscribe link that instantly removes the subscriber from your list.
- The name and physical address of the sender.
Compliance under Canada’s Anti-Spam Law ("CASL")
If you send emails to Canadian recipients, whether you are located in Canada or not, as of July 1, 2014 you may be subject to An Act to promote the efficiency and adaptability of the Canadian economy by regulating certain activities that discourage reliance on electronic means of carrying out commercial activities, and to amend the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act (informally known as Canada’s Anti-Spam Law, CASL).
If you send Commercial Electronic Messages to Canadian recipients, you are most likely subject to CASL regulation. Commercial Electronic Messages ("CEM"s) are defined as any electronic messages including emails which encourage participation in a commercial activity, without regard to an expectation of profit. There are certain exceptions, but they are limited.
Compliance under CASL is more stringent than under other anti-spam laws, and more stringent than the general guidelines given further up in this Policy. As a general rule, to be compliant under CASL you must: (1) have obtained valid consent to send a recipient a CEM and (2) your CEM must contain certain information, including an unsubscribe mechanism with certain requirements.
To visit the CRTC Anti-Spam portal, please visit: http://fightspam.gc.ca
To get more information about the CAN-SPAM Act, visit https://www.ftc.gov/tips-advice/business-center/guidance/can-spam-act-compliance-guide-business
To get more information about the EU Data Protection Reform, visit http://ec.europa.eu/justice/data-protection/reform/index_en.htm.
Valid Consent under CASL
When collecting an email address (for example via a web form or paper form) for your mailing list, the following information must be present for the consent to be valid under CASL:
- The name of person or organization asking for consent;
- The specific purpose for which you are obtaining consent (e.g. “receive offers from Company Name”, “Receive Company Name’s newsletter”);
- A notice that the subscriber can withdraw their consent at any time; and
- Contact information, which must include a physical mailing address AND an electronic communications method, whether email or phone or a web page contact form. A hyperlink to a web page with all this contact information is acceptable.
If you are seeking consent on behalf of another organization, that third party organization must be identified as well.
Content Requirements for a CEM under CASL
Every CEM sent must include the following information:
- The name of the person or organization sending the CEM, or if the CEM is being sent on behalf of another person / organization, the name of the person / organization on whose behalf the CEM is sent;
- If the CEM is sent on behalf of another person / organization, a statement saying so;
- Contact information, which must include a physical mailing address AND an electronic communications method, whether email or phone or a web page contact form. A hyperlink to a web page with all this contact information is acceptable; and
- A valid unsubscribe mechanism.
Valid Unsubscribe Mechanism
In order for the unsubscribe mechanism to conform to CASL requirements, it must:
- Enable the recipient (at no cost) to readily remove themselves from the mailing list;
- Stay valid for a minimum of 60 days after the CEM has been sent; and
- Process requests without delay and be effective not more than 10 business days after the request is made.
If you use the unsubscribe mechanism provided by CakeMail, it will conform to these requirements.
If you have determined that your emails are subject to CASL regulation, you must adhere to all these requirements.
Other Anti-Spam Legislation
If you have received an email from one of our clients and wish to be unsubscribed, please forward it to firstname.lastname@example.org.