Rules your small business must follow to comply with email spam laws

Email is an essential communication medium for individuals and businesses. But spam, or junk mail sent for advertising or nefarious purposes, has made it less reliable and a security risk. According to the latest statistics, spam accounts for 55% of email traffic, which is clearly alarming, as spam can be a barrier to productivity.

Fortunately, there are laws regulating spam, effectively preventing companies from sending excessive promotional emails. For instance, the United State’s Controlling the Assault of Non-Solicited Pornography And Marketing (CAN-SPAM) Act of 2003 includes laws that seek to regulate commercial emails. Meanwhile, the EU’s General Data Protection Regulation (GDPR) and Canada’s Anti-Spam Legislation (CASL) may also apply to businesses in the US if they happen to have customers overseas.

To stay compliant with these laws, make sure you abide by these rules:

#1. Avoid using misleading header information

The to, from, reply-to, and other header information should always be accurate. When sending an email, indicate the name of your business or a specific person affiliated with your company in the header.

For instance, if your company is named Acme Co., your from address should not display another company’s name to avoid misleading your email recipients. It should display something like “from:”, as this identifies you and any entities affiliated with your organization.

#2. Your subject line must be accurate

There’s nothing wrong with getting creative with your email subject lines to catch customers’ attention, but avoid writing subject lines that don’t properly convey your email’s content.

For example, a subject line like “I love you” would be ill-considered and could easily look like spam. Instead, consider writing a creative yet appropriate subject line like “Love is in the air at our store this month!”.

#3. Obtain consent

One of the things many people hate is receiving unsolicited promotional emails. Under the CASL and GDPR, your business must obtain permission from your recipients before sending them emails.

You can do this by including an opt-in box that customers can tick if they wish to receive emails from you after completing a purchase. You can also create a form on your website to gather customers’ email addresses. That way, you provide your website visitors with a convenient way to sign up for your newsletter should they wish to.

#4. Make opting out easy

On the flip side, you should also make it easy for them to unsubscribe any time they want to. This is a requirement under the CAN-SPAM, CASL, and GDPR. Your emails should include an “unsubscribe” button at the bottom to make it convenient for recipients to opt out of your mailing list.

Opt-out requests must be honored within 10 days under the CAN-SPAM law. Once this period lapses, you should no longer send emails to the customer. With the GDPR, customer requests to delete their data must be honored immediately.

#5. Include a physical address

The emails you send must indicate a physical address to inform your recipients that there is a way for them to contact you. Indicating a postal box address will work as well.

#6. Hold yourself accountable for emails you send

The CAN-SPAM law states that your business is responsible for all the marketing emails sent out on behalf of your company. Even if you rely on a third-party agency to handle your promotional emails, you have to ensure that they are compliant with all anti-spam laws.

Your business must also inform your customers how their data is being collected and used. Do this by having a privacy policy that outlines what data is collected, how they are stored, and if the information is shared with other entities.

In the event of a data breach, you will be held accountable for them. Under the GDPR, anyone whose data you’ve collected has the right to be informed of the incident within 72 hours of the discovery of the breach.

Your business needs protection from the most dangerous threats. ERGOS offers robust managed IT services that provide proactive maintenance and 24/7/365 infrastructure monitoring. If you’re in the San Jose, CA area, we can most definitely help your business reach new heights. Click here for your FREE IT assessment!