You’re about to embark on an inbound marketing program. You have a shiny new website, with engaging content, optimized for conversions and leads, in the works and almost ready to launch. It’s an exciting time!
Hold on though. Does your website comply with Canada’s privacy act (PIPEDA) and anti-spam laws (CASL)? If not, then you could be viewed as a spammer and be subject to hefty fines in the thousands of dollars!
PIPEDA “applies to the collection, use or disclosure of personal information in the course of a commercial activity.” What this means is that you need to inform your customers about how you will collect, use and disclose their personal information. If you don’t you could be fined very large sums.
A PIPEDA self assessment guide advises the following:
- Take appropriate measures to notify web site users of all your organization’s online information practices, notably the use of “cookies” or other non-visible tracking tools, and explain such practices
Canadian Anti-Spam Legislation (CASL)
Some background: Between July 1 2014 and July 1, 2017, organizations were allowed to send Commercial Electronic Messages (CEMs) to anyone with whom they had an Existing Business Relationships (EBR) or Non-Business Relationship (Non-EBR) prior to July 1 2014. Companies were also allowed to message contacts that had “conspicuously published” their email address (i.e. showcase their email publicly on a blog).
After July 1, 2017, Implied Consent contacts may only be messaged for 2 years or 6 months, depending on the type of relationship you have with them. For example, you may email existing customers for 2 years from their purchase date, but you may only email someone that inquires about your service for 6 months from their date of inquiry.
Contacts that provide Express Consent can be messaged indefinitely until they unsubscribe.
When you request email opt-in from a contact, the following is required:
- When requesting consent, the purpose for obtaining consent is clearly and simply stated, i.e. “subscribe to our newsletter to receive quarterly emails related to inbound marketing.”
- The sender or the person on whose behalf consent is requested is identified by their name, mailing address, and either a telephone number, email address or web address
- The recipient is informed that they can unsubscribe at any time
- Consent must be opt-in, not opt-out
- The evidence of express consent is retained. For example, file their IP address, date and time of opt-in.
- Consent cannot be bundled with consent for Terms and Conditions
How Marketing Automation Can Keep You Sane
Reviewing and updating your email marketing database can be a gruelling task, especially if you have a large number of contacts. Marketing automation is a practical solution for email marketing, subscriber list management, and to help companies build, manage and update contact lists. Plus, with a marketing automation application, you can easily allow contacts to unsubscribe at any time.
There are several solutions available. Some that I have used are:
Mail Chimp – you can start with a free plan which includes up to 2,000 subscribers and 12,000 emails per month
Constant Contact – offers a free trial for 60 days
Pardot (Owned by Salesforce) – on the higher end
Hubspot – on the higher end, they offer some free tools.
Other marketing automation applications you may want to investigate are Eloqua and Marketo.
Office of the Privacy Commissioner Canada
CRTC – FAQ
CRTC: Compliance and Enforcement Bulletin, Canadian Government
*Disclaimer: This blog post is my interpretation of the legislations, and based off of my research and experience. I do not intend to provide legal counsel, and if you are uncertain of any rules related to the Canadian Anti-Spam Legislation or Privacy Act, you should reach out to your lawyer.