This site has limited support for your browser. We recommend switching to Edge, Chrome, Safari, or Firefox.

Cart 0

No more products available for purchase

Pair with
Subtotal Free
Shipping, taxes, and discount codes are calculated at checkout

Email Marketing Laws: What you Need to Know Before you Hit SEND

Email Marketing Laws - what you need to know. Photo of woman typing on computer wearing a white sweater. Brown desk with decor.

Email Marketing is basically a necessity if you’re a business owner, especially if your primary mode of communication with your clients is online. If you are currently sending emails as part of your marketing strategy (or want to get started!) it’s important to keep it legal! 

If you're based in Canada or the US, it's important to have a basic understanding of the laws in each country, since when it comes to privacy laws, generally, you are required to comply with the laws where your subscriber is based too, not just the laws of your country. This blog post deals with US and Canada privacy laws as they apply to email marketing, but if you're looking at doing a deep dive into privacy policies in general (including the EU GDPR) check out this Blog Post.

Now if all this has you feeling overwhelmed, don't! Once you've got the hang of it, keeping your email marketing legal is pretty easy. Even better, trusted email marketing platforms, like Active Campaign (which is what I use), ConvertKit and similar, do a lot of the heavy lifting for you. But that doesn't mean you can overlook it - the fines for non-compliance both in the US and Canada are steep and is not something you can blame on software or your contractors or employees if you're in the wrong! As a business owner, you're ultimately responsible for ensuring your emails comply with email marketing laws.  So let’s get into it, and make sure that you’re collecting email addresses and sending your business emails, legally!

Email Marketing Laws in Canada 

In Canada, the legal requirements for email marketing are primarily governed by the Canadian Anti-Spam Legislation (CASL). 

At a high level, CASL requires that anyone sending emails for commercial purposes (IE your business) comply with the following:

  • You obtain people's consent first; 
  • It's clear who is sending the email
  • Make it easy to unsubscribe
  • Keep it honest (no fraudulent or dishonest content)

    Email Marketing Laws in the US

    The US has similars laws governing email marketing, with considerable overlap between them, which makes it easier for you, to comply. The CAN-SPAM Act is the primary federal law that governs email marketing in the US. In order to comply, your business emails must not:

    • Use False or Misleading Subject Headings
    • Make it hard to identify who is actually sending the email
    • Make it hard to opt-out or Unsubscribe. 

    To be compliant under CAN-SPAM, you must also

    • Have a physical address listed in each email; 
    • Honour any requests to opt-out or be deleted from your list; and
    • disclose any ads. 

    As you can see, there is quite a lot of overlap between these requirements. But what do these requirements really mean, and how do you ensure you comply?

    I'm so happy you asked... let's dive in!

    Cleary Identify Yourself

    This is an easy one so let's get it out of the way. Make it easy for people to know it's you sending the email.  Disclose who you are and ensure your “From”, “To”, “Reply To” and any other routing information is clear and concise. Your emails should also include your website domain name and your business name too. 


    OK this is a BIGGIE, and where I generally see the most questions come up.

    Consent in the context of email marketing means exactly what it sounds like: every single one of your subscribers must have agreed to be there. In the early days of email it used to be really common to end up on email lists, not knowing how you got there resulting from email list swaps amongst businesses with a similar ideal client, using software to “scrape” other websites for email addresses or even buying other people’s lists.

    Not only is this a bad idea from a business perspective, it’s not legal. In Canada and the US, you need active and informed consent from each subscriber on your email list. 

    What is Informed and Active Consent for Email Marketing? 

    “Informed and Active Consent” means that before someone is subscribed to your email list, they should have the ability to know exactly what they need to provide to you to subscribe, and what they can expect once they’ve agreed to hand over their email address to you, which is consider their personal information. This includes:

    • What personal information they are giving (Ex. first name, email address)
    • How their personal information is going to be used. 
    • Who their information will be shared with (Ex. their personal information won’t be sold or distributed to third parties without their consent). 
    • Any risk of harm or other consequences
    This information typically lives in your Privacy Policy, which is essentially a deep dive answering a lot of these questions for users to your website.

    How to Get Consent from your Subscribers

    We’ve all seen the pop-ups on websites for *something* in exchange for someone’s email address; freebies, discounts and webinars come to mind. If this is done right, there is usually a clear link to that businesses Terms of Use and Privacy Policy within the pop-up next to a little button or box that you 'check' or 'tick', accepting that website's Terms of Use and Privacy Policy, before signing up for that resource and their email list. People need to be given a clear option to consent to being on your email list. This is where that little check box comes in handy - that’s your active consent

    Whether people read those....? Well that's up to them, but they must exist for them to read if they so choose.

    If you have a website, you are legally required to have a privacy policy that sets all of this information out. Anytime you are collecting emails, you should hyperlink to your privacy policy, which sets out (hopefully in easy to read language!) everything that your subscriber needs to know about why you are collecting their personal information, how you intend to use it, for what, and how they can unsubscribe and/or request their information to be deleted. This ensures your subscriber is informed before they consent. 

    BONUS TIP #1:  When it comes to collecting people’s personal information, a good rule of thumb is to only require the bare minimum information necessary to effectively carry out the services you are providing. . In the online space, with digital downloads and products, it’s likely that you almost never will need a user’s telephone number or physical mailing address.

    Realistically, you may only need their first name and email address to carry out most of your services, as well as payment information if it is a paid service. So stick to just collecting what you need. This also may help to limit your liability in the event you have a data breach. 

    BONUS TIP #2: You should make getting consent for email marketing an ongoing process in your business. I think it’s a great idea to scrub your email list from time to time, especially if your consent requirements change or you pivot your business (for instance, from one service to another) and plan on emailing your list about the new service. 

    For example, if you change your business from offering digital products to offering coaching services, it’s likely that your subscribers didn’t sign up and agree to receiving emails about coaching. This would be a great opportunity to scub or segment your list and have your subscribers opt-in to these types of emails.

    Also, if you are launching sales campaigns, I really appreciate seeing options to opt-out of certain campaigns.  This is a great way to show your email subscribers that you honour the space in their inbox, especially from people who have already signed up or purchased what you’re selling in your most recent email marketing campaign. 

    You can use email preferences, tagging, and segmenting to manage this consent and what types of emails your subscribers receive. 

    Make it Easy and Clear to Unsubscribe

    You should make it easy for your email subscribers to unsubscribe from your email list at any time. Email marketing platforms (like Active Campaign) make this easy to do, but you should also check that if someone wants their data deleted, you can easily do this from the back-end of your email service and website host too.

    Don’t Use False or Deceptive Subject Lines

    AKA Don’t lie, don’t be cringey and don’t make me disappointed I opened your email. Not is it SUPER annoying as a subscriber (I’ll be looking for that ‘Unsubscribe’ button, pronto) but lying in your subject lines is a legal no-no. 

    While you can certainly add some creative lure to your subject lines, your email content should match with your headline promises.

    While this requirement definitely could lead to some legal grey areas, the key takeaway here is - don’t lie to your subscribers. It’s bad for business and could land you in legal trouble. Be honest and truthful in your subjects, content, and while we're at it, business and life in general. 

    Include a Physical Address

    This is a requirement under the US CAN-SPAM Act and you are required to comply if you have US subscribers on your list.  You can use your personal or business address, or if you’re worried about having your address online publicly, you can use a dedicated PO Box.

    Honour Opt-Out Requests Quickly

    If someone emails you asking you to remove them from your email list and delete their personal data, you must do it within 10 days of their request. Email marketing platforms make this fairly easy to do, but they vary from one to the other. And no, you can’t charge a fee for this, re-visit your emails or a landing page to do this - the onus is on you as a business owner to get them off your list.

    Disclose Ads and Affiliate Links

    This falls under your obligation for truthful marketing, and you are required to disclose to your subscribers if your emails include paid ads, or affiliate links. 

    A Few other Tips

     Contests to Generate Email Lists

    I get asked about these a lot! If you are running a contest where there are several different business owners involved, make sure that you have clearly indicated to people signing up that they will be added to each business owner’s email list. In this situation, I think a double opt-in is a good idea to ensure that you as a business owner have your own record of consent for having added them to your email list beyond the initial contest sign-up. 

    Email List Swaps

    There is nothing wrong with promoting someone else’s business within your own emails, but sending a spreadsheet of all of your subscribers over to someone else is a major no-no and breaks email marketing laws. If someone wants to sign up for another business owner’s email list, let them do that on their own accord.

    Final Thoughts

    If you haven’t leveraged the power of email marketing in your business yet, I highly encourage you to, because it is a great way to serve your audience, deliver value, and promote your products and services in a more intimate space than just on social media.

    Just be sure that you fully understand the email marketing laws and come back to this post to ensure you are meeting all of the legal requirements for obtaining consent and collecting email addresses. 

    If you don't have your own Privacy Policy in place or think yours needs an overhaul, you can check out our Website Terms of Use and Privacy Policy Bundle template. Our Privacy Policy legal template is easy to customize to your unique business, website and how and why you collect emails from users to your site. 

    It covers the laws we've discussed for Canada or the US, and is GDPR compliant too.  All of our Website Terms of Use and Privacy Policy contract template bundles also include a Privacy Policy checklist, so it makes setting up your website privacy policy (which includes your email marketing requirements!) easy.

    Disclaimer: This Blog Post includes Affiliate Links, and I may receive a commission or other form of compensation if you click through and purchase using my link. 

    Leave a comment

    never miss a post

    Subscribe to get special offers, free giveaways, and once-in-a-lifetime deals.