• by Ray Schultz , Columnist, June 25, 2020

There’s one thing to know about email marketing in Europe: Don’t bother trying it unless you have the express consent of the recipient. That’s the advice being offered by Jana King Allen of Logan & Partners in an article on Mondaq.

Under the GDPR and rules like the UK’s Privacy Communication Regulations, you can only send email campaigns to recipients who have said you can. 

That means they had to take an “unambiguous and clear affirmative action” to show consent, Allen writes. 

For instance, they may have clicked a check box that says “Click here if you would like to receive by email more marketing information about our services.” Or, they may have registered for content or an event, providing personal details when they do so.

EU regulators seem to think U.S. firms need to be educated on this, given the loosey-goosey environment that exists under Can-Spam. In theory, under that U.S. law, you only have to let people opt out.  

However, responsible firms go further than that, using permission-based lists only. They demand not only opt-in, but double opt-in. 

The entire email deliverability system is based on people receiving emails they want. Lack of engagement, high unsubscribe rates and other forms of rejection can land you in the spam folder. 

And the California Consumer Privacy Act is similar to the GDPR in its exacting data protection requirements.  

Of course, there is a major exception to the rules both in Europe and the U.S. You can email to existing customers without specific consent, provided that: 

- they provided their contact details when they showed interest in your products — for example, by asking for more information

- you gave them the chance to opt out in every message you send after first collecting their data

- you are marketing your own similar products

This doesn’t give you free reign to swamp their inboxes. Above all, you have to suppress the person’s data from your marketing list when they withdraw consent, keeping only what you need to make sure you don’t email them again. And inform them in your privacy policy what you do with their data. 

Finally, whatever language you use to ask for consent, at any stage, it must be “clear, easy to understand and prominently displayed,” Allen writes.