Table of Contents
In Short
- Email marketing is cost-effective for eCommerce businesses, driving engagement and conversions.
- Personalised content and segmentation are key to effective campaigns.
- Compliance with GDPR and spam regulations is crucial for avoiding legal issues.
Tips for Businesses
Focus on segmentation and personalisation to engage customers and maximise the impact of your email marketing. Ensure you comply with GDPR and spam regulations to avoid fines and maintain trust. Email campaigns should offer value, such as promotions or updates, to keep subscribers engaged.
Marketing campaigns are an essential business tool for growth. Businesses engage in email marketing regularly as part of their marketing strategy to contact current customers, old customers, or new customers. However, businesses must comply with the relevant legal rules when sending marketing emails. Regulators will take serious action against companies who fail to follow the rules. This article will set out some of the key legal considerations for businesses engaging in email marketing.
Email Marketing Rules
There is nothing to stop you from sending out email marketing. For example, sending promotional emails and marketing emails. Businesses often do this to help with brand awareness and to reach potential customers. However, complex legal rules apply, and this is a topic businesses tend to struggle with. In particular, there is a misunderstanding about whom you can send email marketing to and if you need signup forms for email marketing.
Let us explore the difference between these two below.
GDPR
The UK GDPR governs the processing of personal data. This applies to email marketing and email marketing campaigns when the personal data of people is used. Indeed, when utilising email marketing, businesses often use personal data.
PECR
PECR governs the rules on using electronic communications for direct marketing. PECR contains very strict rules around using emails, texts and phone calls for direct marketing. Direct marketing is defined as communication (by whatever means) of advertising or marketing material directed to particular individuals. PECR applies various rules that you need to follow for email marketing and email campaigns.
In practice, you need to consider both sets of laws when carrying out email marketing.
UK GDPR and Email Marketing
If you use personal data for email marketing purposes, the UK GDPR rules apply.
For example, suppose you plan to send a marketing email promoting a new product to Joe.Bloggs@LegalVision.com.
Since you are using an individual called ‘Joe’s’ name and Joe can be identified within the email address, this constitutes personal data under the UK GDPR rules.
You will, therefore, need to consider and document your ‘lawful basis’ (i.e. legal reason) for processing Joe’s data to send him a marketing email.
Usually, for marketing purposes, the most common grounds businesses rely on to send marketing emails are legitimate interests and consent. Let us explore these in further detail below.
Legitimate Interests
This is where you carry out a balancing test to see what impact your email marketing would have on the rights and freedoms of people you are marketing to. For example, you should consider if an individual would expect you to use tier personal data for marketing purposes.
Consent
This is where the individual has given consent to receive marketing. Consent must be freely given, specific and informed. If relying on this ground, you must have obtained valid consent before sending marketing emails.
You should also note that individuals can object to their data being processed under the UK GDPR. So, if at any time they ask you to stop using their data to send them marketing emails, you must do so. In practice, a marketing suppression list can help track who has objected to email marketing. It can also be a good idea for your business to check how its marketing campaign performs. For example, seeing unsubscribe rates may help you understand what email content is working and what is not.
Continue reading this article below the formCall 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.
PECR and Email Marketing
PECR’s purpose is to safeguard the privacy rights of both individuals and businesses who receive electronic communications. As well as complying with the UK GDPR rules above, you must comply with PECR for email marketing purposes.
PECR applies different rules for email marketing, which depend on who you are emailing.
In summary, there are two key sets of rules. One set of rules applies to ‘individual’ recipients (known under PECR as ‘individual subscribers’), and another applies to corporate recipients (‘corporate subscribers’).
In short, the rules are far more relaxed when sending email marketing to companies.
Let us explore each set of rules in further detail.
1. Emailing Individual Recipients (Consumers, Sole Traders, Non-LLP Partnerships)
Usually, you must have recipient consent when sending email marketing to individuals. Individuals refer to consumers, sole traders and simple non-incorporated partnerships. Consent needs to be freely given, specific, informed and unambiguous. The consent must be an obvious form of positive action. For example, individuals can demonstrate consent by ticking a box or emailing you a confirmation to show they agree to receive marketing emails. You cannot rely on a pre-ticked box.
There is a very limited exception that allows you to send email marketing to individual recipients who have not given consent. This is known as the ‘soft opt-in’. The soft-opt in itself has several conditions. In short, it allows you to send email marketing to customers who have purchased from you before and did not opt out of receiving your marketing emails.
2. Emailing Corporate Recipients (Limited Companies, Limited Liability Partnerships, Public Bodies)
The rules are more relaxed when email marketing to companies. You can send marketing emails to ‘corporate subscribers’, that is, companies and LLPs, without consent. However, this does not apply to sole traders and non-LLP partnerships. For those organisations, you will still need to obtain consent.
Despite the relaxed rules, note that individuals receiving marketing emails should always have the right to unsubscribe.
In practice, businesses often need help understanding which rules apply to which customers. The use of ‘consent forms’ and ‘opt-ins’ can also cause a lot of confusion. Businesses often make mistakes in their marketing signup forms. However, the data protection regulator can impose heavy fines for breaching the rules. Fines for breaching the UK GDPR can be up to £17.5 million or 4% of your annual turnover, whichever is higher. Penalties for breaching PECR are also severe, with fines of up to £500,000. In addition to financial penalties, the regulator may also begin criminal proceedings against you. If you are unsure about email marketing and the rules applicable to your business, you should take legal advice on this complex topic.
This factsheet sets out how your business can become GDPR compliant.
Key Takeaways
Most businesses engage in email marketing. However, the legal rules around this are complex and mandatory. When engaging in email marketing, you must consider the rules under both the UK GDPR and PECR. The implications of breaching these rules are serious, including heavy fines. Therefore, you must ensure that your email marketing campaigns comply with these laws.
If you need legal advice on email marketing law rules and email marketing campaigns, our experienced eCommerce lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.
We appreciate your feedback – your submission has been successfully received.
