Compliance Guide
Ensuring your email campaigns meet regulatory requirements and industry best practices.
Email Compliance Overview
Email compliance is essential for maintaining sender reputation, avoiding legal issues, and respecting recipient preferences. SimplySend enforces compliance requirements at the service level to help you meet anti-spam regulations, including the CAN-SPAM Act, GDPR, and CASL.
Regulatory Requirements
CAN-SPAM Act (US)
- No false/misleading headers
- Truthful subject lines
- Include physical address
- Provide unsubscribe mechanism
- Honor opt-outs within 10 days
GDPR (EU)
- Explicit consent required
- Clear data usage information
- Right to access data
- Right to erasure
- Maintain consent records
CASL (Canada)
- Express/implied consent
- Clear sender identification
- Unsubscribe in every message
- Honor opt-outs within 10 days
- Keep records for 3 years
Consent Tracking Requirements
SimplySend requires comprehensive consent tracking for all marketing email subscribers. Every subscriber must have:
- Consent Method: double_opt_in, single_opt_in, imported, or web_form
- Consent Timestamp: ISO 8601 format date/time when consent was given
- Consent IP Address: IP address from which consent was given
- Consent User Agent: Browser/device information
- Consent Proof: Human-readable description of how consent was obtained
- Active Status: Subscription status must be "active"
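A pre-import check for the six consent fields listed above, as an added example (not SimplySend's code or API). The dictionary keys, the function name and the sample records are assumptions made for illustration; requiring a UTC offset and rejecting future timestamps are extra checks chosen here so the record is unambiguous as evidence.

```python
import ipaddress
from datetime import datetime, timezone

# The four consent methods named in this guide.
ALLOWED_METHODS = {"double_opt_in", "single_opt_in", "imported", "web_form"}

def validate_consent(record: dict) -> list:
    """Return the names of fields that fail validation (empty list = complete).
    Key names are hypothetical, not SimplySend's schema."""
    errors = []
    if record.get("consent_method") not in ALLOWED_METHODS:
        errors.append("consent_method")
    ts = str(record.get("consent_timestamp") or "")
    try:
        # fromisoformat() before Python 3.11 rejects a trailing "Z".
        parsed = datetime.fromisoformat(ts.replace("Z", "+00:00"))
        # Assumption: an offset is required and consent cannot be in the future.
        if parsed.tzinfo is None or parsed > datetime.now(timezone.utc):
            errors.append("consent_timestamp")
    except ValueError:
        errors.append("consent_timestamp")
    try:
        ipaddress.ip_address(str(record.get("consent_ip") or ""))  # IPv4 or IPv6
    except ValueError:
        errors.append("consent_ip")
    for field in ("consent_user_agent", "consent_proof"):
        if not str(record.get(field) or "").strip():
            errors.append(field)
    if record.get("status") != "active":
        errors.append("status")
    return errors

# Constructed sample records (documentation-range IP, made-up values).
GOOD_RECORD = {
    "consent_method": "double_opt_in",
    "consent_timestamp": "2024-03-01T14:22:05Z",
    "consent_ip": "203.0.113.7",
    "consent_user_agent": "Mozilla/5.0 (X11; Linux x86_64)",
    "consent_proof": "Confirmed via link in signup confirmation email",
    "status": "active",
}
BAD_RECORD = {
    "consent_method": "purchased_list",
    "consent_timestamp": "03/01/2024",
    "consent_ip": "999.1.1.1",
    "consent_user_agent": "",
    "status": "unsubscribed",
}

if __name__ == "__main__":
    print(validate_consent(GOOD_RECORD), validate_consent(BAD_RECORD))
```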
Double Opt-In (Recommended)
Double opt-in is the gold standard for consent and is required by GDPR for marketing emails.
Benefits: Protects against typos, confirms user intent, provides clear consent record, reduces spam complaints, and improves engagement rates.
Compliance Recommendations & Thresholds
Recommendations
- Complaint Rate: < 0.1%
- Unsubscribe Rate: < 0.5%
- Bounce Rate: < 2%
- Delivery Rate: > 95%
Critical Thresholds
Sending may be suspended if you exceed:
- Complaint Rate: > 0.5%
- Bounce Rate: > 5%
Compliance Best Practices
Do This
- ✓ Always use double opt-in for marketing emails
- ✓ Make unsubscribe links prominent and easy to find
- ✓ Process unsubscribe requests immediately
- ✓ Maintain clean email lists (remove bounces)
- ✓ Segment your audience for relevance
- ✓ Include physical address in footer
- ✓ Keep consent records for 3+ years
- ✓ Monitor compliance metrics regularly
Don't Do This
- ✗ Buy or rent email lists
- ✗ Use pre-checked opt-in boxes
- ✗ Hide unsubscribe links
- ✗ Ignore unsubscribe requests
- ✗ Send without consent records
- ✗ Use misleading subject lines
- ✗ Send to inactive subscribers (6+ months)
- ✗ Ignore bounce notifications
Unsubscribe Processing
SimplySend automatically processes unsubscribe requests when recipients click unsubscribe links.
List-Specific Unsubscribe
Unsubscribe from a specific contact list only:
- Subscription status → "unsubscribed"
- Can still receive emails from other lists
- Can resubscribe to this list later
Global Unsubscribe
Unsubscribe from all emails from sender:
- All subscriptions → "unsubscribed"
- Email added to suppression list
- Cannot receive any marketing emails
Timeline:
- Unsubscribe processed immediately
- Removed from future sends within 10 business days (SimplySend: immediate)
- Suppression list updated immediately
Common Compliance Mistakes
Buying Email Lists
Recipients didn't consent to receive your emails. Results in high complaint rates and damages sender reputation.
Do instead: Build your list organically with double opt-in
Pre-Checked Opt-In Boxes
Not explicit consent under GDPR. Users may not realize they're subscribing.
Do instead: Use unchecked opt-in boxes requiring active consent
No Consent Records
Can't prove consent under GDPR. No defense against complaints. Risk of fines.
Do instead: Record all consent information with IP, timestamp, and method
