With billions of email users worldwide and a Return on Investment (ROI) of $38-$44 for every $1 spent on email marketing. Email is one of the most widely-used and effective forms of communication and marketing. However, it is also one of the most regulated marketing channels due to its personal reach and to address consumer privacy concerns.
This document is intended to assist marketers in providing an overview of the common elements and definitions found in email regulations and common practices that should be met.
The following best practices are recommended to be incorporated in your email marketing efforts by the ANA Email Experience Council (EEC) Practices and Standards Subcommittee.
Elements to review and/or include in your email marketing campaign planning:
- Maintain detailed record-keeping: The following data elements should be maintained and protected as appropriate:
- Consent and source details: how, when and type of subscriber consent. (Please review the email consent continuum for a further breakdown of different types of consent.)
- Opt-out requests: relevant dates of when the subscriber chose to modify or opt-out.
- Relevant records: keep only those records that have a clear and specific purpose.
- Data retention policy: set, keep, and audit data for a limited and necessary time (data minimization).
- Link to a functioning preference center: include a link to your preference center in your emails or when a subscriber selects the unsubscribe mechanism – include a link to your preference center. (This preference center link does not replace the need to have a separate unsubscribe link in your emails.)
- Capture the country: provide a country field in your email capture forms since compliance requirements can differ by country. You may wish to even employ state/province fields on your forms to help track compliance needs.
- Use authentication protocols: make sure you use proper authentication protocols, policies and tools like DMARC, DKIM, and SPF.
- Give access to consumers: provide a clear means for subscribers to contact you to update, amend, or remove their records.
- Provide robust choice: provide a clear and easy way for subscribers to unsubscribe from your promotional emails:
- Include a working and valid unsubscribe link in every email.
- Honor the unsubscribe request as soon as possible, in a timely and respective manner (country-specific time restrictions/requirements apply –please review country-specific requirements in which you send email).
- Display confirmation of the user’s unsubscribed status on the unsubscribe page, not by a separate email message.
- Provide notice that the subscriber can unsubscribe at any time, within the subscribe process. (This is a compliance requirement under Canada’s Anti-Spam Legislation) but also is a best practice for use within your entire email marketing campaign.)
- Utilize data security to protect users:
- Use the latest security protocols to protect data.
- Train employees on data security practices.
- Develop a contingency plan in case of a data breach.
- Create a data audit/assessment process:
- Review all of the above data policies on at least an annual basis.
- Bring in all team members that are involved in implementing any of the above policies.
- Train staff on any updates to your practices.
Note: This guidance should not be considered as legal advice or replace sound legal review. It is being provided for informational purposes only. Please review your email program with your legal counsel to ensure that your program is meeting appropriate global legal requirements for your organization.
Last updated November 2021