Community
Classroom
Calendar
Members
Leaderboards
About
Nov '24 • General discussion
The Legal Side Of Email / Contact Form Marketing
The information provided on this website does not, and is not intended to, constitute legal advice; instead, all information, content, and materials available on this site are for general informational purposes only. Information on this website may not constitute the most up-to-date legal or other information. This website contains links to other third-party websites. Such links are only for the convenience of the reader, user or browser; and its members do not recommend or endorse the contents of the third-party sites.
Readers of this group should contact their attorney to obtain advice with respect to any particular legal matter.
The views expressed at, or through, this site are those of the individual authors writing in their individual capacities only. All liability with respect to actions taken or not taken based on the contents of this site are hereby expressly disclaimed. The content on this posting is provided "as is;" no representations are made that the content is error-free.
Now that that is out of the way, there are a few things you should be aware of.
Different countries have different laws regarding marketing to both people and businesses as well as the medium of that communication. Below I will Briefly touch on a few of the big ones.
If you are uncertain you should seek the legal advice of a competent professional in your local area.
CAN SPAM - USA
First off CAN SPAM covers sending emails in the USA.
But wait, Im not sending emails..?
You are submitting contact forms, which often times are then emailed from the websites server to the end user. Given that case, more then 1 attorney in the USA has stated that its Possible, if it ever went to court, that a judge May consider it under the laws for sending emails.
CAN SPAM is so easy to adhere to that it makes complete sense to adhere to it just so you will avoid any potential issue, so why would you not just make it easy on your self and follow the basic rules?
You can google and read the simple checklist on the USA government website, but I will list the link and info below. What you need to know is compliance is easy and my entire process includes compliance for CAN SPAM as Im just not taking any risks.
How easy is it? CAN SPAM is often referred to as "I CAN SPAM", because if you wanted to send spam it lays out the rules of how you can legally do it. Seriously its easy.
Lastly if you get really stressed out about CAN SPAM, just google "right of private action" and understand it. CAN SPAM has no right of private action. In a nut shell that means if you contact bob and try and sell him something for his business, even if you send him a cold email, he can't sue you. The only people that can sue you under CAN SPAM is:
  • The government
  • An ISP
In order to get on the governments radar you really have to either be committing a crime, or be sending absurd amounts of emails (probably hundreds of millions a month). They have better things to do and so long as you are not committing a crime, like stealing peoples identity etc..., they are "probably" only going to sue you if you send massive amounts of email - that causes massive complaints.
OR
They stand to be able to fine you enough money that it covers their costs and they make a substantial profit. Unless your Coca Cola etc... your probably not worth the effort.
Additional Specific Details on CAN SPAM:
Here is the link.
Here is a copy and paste from this website. The law has been in effect since 2004, but if you want to make sure the info is up to date, use the link above or google. Else here it is and in text like this is how I handle it. Again Im not an attorney:
  1. Don’t use false or misleading header information. Your “From,” “To,” “Reply-To,” and routing information – including the originating domain name and email address – must be accurate and identify the person or business who initiated the message. Contact form Marketing pretty much takes care of this, you don't really have control over this with contact form marketing.
  2. Don’t use deceptive subject lines. The subject line must accurately reflect the content of the message. If your selling seo services, then don't put a subject line of "Weird trick to get free traffic".
  3. Identify the message as an ad. The law gives you a lot of leeway in how to do this, but you must disclose clearly and conspicuously that your message is an advertisement. I put in my unsubscribe line stuff like "Advertisement" or "Marketing Message" etc...
  4. Tell recipients where you’re located. Your message must include your valid physical postal address. This can be your current street address, a post office box you’ve registered with the U.S. Postal Service, or a private mailbox you’ve registered with a commercial mail receiving agency established under Postal Service regulations. Pretty easy, you must put a street address - can be your house, business, a P.O. Box or a rented address from a mail box agency (see resource section for these) Legally it must be a valid address where you can receive mail. Pro Tip: you likely will get junk mail, so don't buy an address and pay for forwarding and cost yourself money forwarding junk mail to you.
  5. Tell recipients how to opt out of receiving future email from you. Your message must include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future. Craft the notice in a way that’s easy for an ordinary person to recognize, read, and understand. Creative use of type size, color, and location can improve clarity. Give a return email address or another easy Internet-based way to allow people to communicate their choice to you. You may create a menu to allow a recipient to opt out of certain types of messages, but you must include the option to stop all commercial messages from you. Make sure your spam filter doesn’t block these opt-out requests. I use 1 click opt outs via a custom wordpress plugin (this plugin is planned to be available here on the members area as part of Phase 3 launch). However you can use free plugins to do opt outs via wordpress (also info is/will be available here for that, with mini tutorial), you can allow opt outs via any other website collection method, or you can have people send you a reply email requesting unsubscribe, doesn't matter, so long as you follow thru promptly. 
  6. Honor opt-out requests promptly. Any opt-out mechanism you offer must be able to process opt-out requests for at least 30 days after you send your message. You must honor a recipient’s opt-out request within 10 business days. You can’t charge a fee, require the recipient to give you any personally identifying information beyond an email address, or make the recipient take any step other than sending a reply email or visiting a single page on an Internet website as a condition for honoring an opt-out request. Once people have told you they don’t want to receive more messages from you, you can’t sell or transfer their email addresses, even in the form of a mailing list. The only exception is that you may transfer the addresses to a company you’ve hired to help you comply with the CAN-SPAM Act. Pretty easy, make sure you are opting people out inside of 10 business days. Ill talk more about how I do this in a mini tutorial.  Also you have to still continue to process opt outs for 30 days after you stop any marketing campaign, assuming you will market to them again in the future.  If you do a 1 off blast for a product and NEVER market to them again with that product, website etc.. then opt outs is kind of a mute point. However I always remarket to them, so I always do this. 
  8. Monitor what others are doing on your behalf. The law makes clear that even if you hire another company to handle your email marketing, you can’t contract away your legal responsibility to comply with the law. Both the company whose product is promoted in the message and the company that actually sends the message may be held legally responsible. If you hire a company/person to market on your behalf, your can still liable if they break the law.  Make a marketing agreement with them that says they must legally comply, so you at least have a document that gives you plausible deniability in case they foul up. However still the law is clear, monitor what they are doing, you could be liable. Again there is no right of private action, so they would "probably" have to screw up BIG time for you to make the government radar, but then Im not an attorney either. I would say in summary, just be smart and try and hire someone you feel like you can trust, or do it in house and this point is mute. 
GDPR - EU
First off GDPR covers more or less any communication you have with anyone or any entity in the EU or any citizen of the EU regardless of where they are located.
Yes there are exceptions and nuances, particularly for business, but contact form marketing is clearly a communication and 100% falls under GDPR if you are communicating with anyone in the EU or any citizen of the EU anywhere in the world.
So how are you going to know if your sending a message to someone in the EU or an EU citizen? You can't, so just follow the rules all the time and your set.
Im not going to cover what the rules are, you can google that and read complete laws on GDPR or read what attorneys write as guidelines. What you need to know is compliance, as far as contact form marketing is concerned, is pretty easy and my entire process includes compliance for GDPR as Im just not taking any risks.
I will cover the ultra basic of it though and that is that GDPR is about PERSONAL data. So if you email bob and you know your emailing bob or you use bob's name, then you fall under GDPR.
Remember the legal disclaimer, but if you simply AVOID using any personal information, then you Generally fall outside the scope of GDPR and its a mute point. Don't use peoples names when sending contact forms, and you pretty much have it covered. Again, don't take my word for it, read the law. Ive read the law, I understand it, you should too.
In my humble opinion, and at the risk of ticking off people from the EU... My opinion is that the largest part of GDPR is about money so that the government has a legal way to fine offenders and rake in the cash. At least from the standpoint of them sueing you/fining you.
It goes back to what I said about CAN SPAM in the USA, you really have to be big enough for them to cover their costs and rake in the cash or its just not worth their effort.
ePrivacy - EU
Contact form Marketing could fall under ePrivacy for the EU. Its an older law, and Im not really going to even touch on it other then to say the following:
I live in the USA and for the most part it doesn't really have cross border repercussions like GDPR could have.
Ive worked with multiple people in the EU and they pretty much all say that while the law is there, nothing even comes of it, unless your a Major abuser. So they have all gone on ahead and done contact form marketing anyway.
Thats not legal advice, thats just my experience.
Other Laws
There are a lot of countries around the world and a lot of laws. Further new laws are made all the time.
Some laws are made to protect the citizens and some laws are made to make it easy for governments to collect cash from companies/citizens.
At the end of it its important to do your due diligence and understand what local and international laws may affect you.
If you live in the EU or the USA you "probably" need to be a major offender for it to be worth the governments time. Not legal advice, just conjecture. By the same token you don't want to be sending the Attorney General of the USA a crap top of spam emails, there is just no point in poking the bear.
So do your research, be compliant where you can, and apply smart filters, like filtering out .gov domains - which for the most part I already do in the lists on these sites (unless you need to market to .gov specifically for some reason). (For the most part means most major .gov domains, but there may be .gov domains of ccTLDs that may slip thru the cracks)
In other words, be smart, be clever and don't intentionally poke the bear.
TCPA - USA
TCPA is the Telephone Consumer Protection Act in the USA. There isn't much to say here, and it does NOT relate to contact form marketing.
One of my clients however did get smacked with a TCPA lawsuit because of what one of his affiliates did - NOT ME.
Given that we are all marketers and we are all looking to push the envelop and legally market out businesses in the most cost effective way possible, I will include this.
In the USA you can not contact someone via a phone number/phone line, using an automated system/auto dialer/auto SMS sender/auto fax sender, without that persons prior consent.
This includes but is not limited to
  • Calling their landline
  • Calling their cell phone
  • Sending their cell phone an SMS text message
  • Sending a FAX
Does this illegally happen every day, yes, but Im not willing to take the risk. GDPR would also cover any communication on the above to anywhere in the EU or any citizen of the EU assuming personal information was used. Also perhaps a court would even claim a phone number is personal info, I don't know.
What you need to know is that this is not relevant to contact form marketing, its just useful to know as a marketer.
Lastly phone numbers have been around longer then email and many countries likely have laws on communication via phone, so again know what your doing before you start using phone numbers. You may additionally wish to seek the advice of a competent professional/attorney in this area.
0
0 comments
Juraj Brandobur
1
The Legal Side Of Email / Contact Form Marketing
One Million Verified B2B Leads
skool.com/million-leads-2130
I Help Digital Entrepreneurs Find Their Next Customer Faster, Smarter, and Cheaper — Million Verified Leads a Month + 2 Million Contact Forms
Powered by