As part of your email marketing strategy, it’s important to understand email permission and SPAM Law Authority, which comes from leveraging all available data to determine whether an individual in your database is contactable or not. This ensures that you are properly following the rules and regulations of email permission, which includes the various permutations of CASL, GDPR, and CAN-SPAM.
What is SPAM Law Authority?
Each individual email address in your database is governed by a specific SPAM Law, which currently includes CASL, GDPR, and CAN-SPAM. The specific SPAM Law authority helps define how the email address is treated within our system and is determined by two fields: “country code” and “email domain extension”. Each classification has different associated regulations when it comes to email laws.
To determine the specific SPAM Law Authority, Ascent360 will map an individual email address to the email domain extension based on the country code of origin. If an individual is physically located in France, then Ascent360 will assign the SPAM Law Authority of GDPR. This is regardless of what email domain extension they have. Even if the person has a “.ca” (Canadian) domain extension but their physical address is in France, we will assign the SPAM Law Authority of GDPR per the law of France. Many people who live all over the world use a “.com” extension—we will again default to the country of their physical address.
If the country of the physical address is unknown, we will use the email domain extension — for example, if the email domain extension is .ca, we will assign the SPAM Law Authority of CASL per the law of Canada. Rather, if the extension is “.fr” (France) we will assign SPAM Law Authority of GDPR.
Simply stated, if our client is in Canada, all unknowns follow CASL Regulations. If the client is in the EU or the UK, all unknowns follow GDPR regulations and if our client is in some other country, unknowns will follow CAN-SPAM regulations.
Ensuring Compliance with SPAM Law
Although you ultimately are responsible for compliance with GDPR, CASL, and CAN-SPAM, the following fields in the Ascent360 platform are designed to help make sure you’re compliant:
Email Permission Status – this field will be set to either a Yes or No, indicating if the consumer is contactable. It will be populated with a Yes, only if expressed consent has been given by the consumer.
Date of Expressed Consent – will show on what date express consent was provided.
First Source – will indicate what form was completed by the consumer when providing expressed consent.
It is important to note that pre-checked opt-in boxes, often part of product transactions, are not compliant with GDPR. You also may not email any consumers from the EU if you have not captured their expressed, explicit consent.
Additionally, 100% of the records that are loaded into the Ascent360 platform require a source to identify where the data originated, such as “MailChimp” or “Web Form XYZ”. This is meaningful for email permissions because if a consumer chooses a “Hard Opt-In” (explicit yes), then we can track when and where we received that hard opt-in. If you were to ever get a complaint from a consumer stating they never opted in to receive your emails, Ascent360 will be able to tell you that the individual did opt-in on a specific date and from what source.
Interested in learning more about how the Ascent360 platform helps keep your data organized and compliant with SPAM Law Authority? Let us show you—request a custom demo today!