As an email service provider (ESP), we are required to enforce spam laws. Spam negatively impacts deliverability rates, and we want to make sure your emails reach their recipients. We have some very strict rules that must be adhered to in all countries, but you may find that your country has additional requirements.
Requirements for All TinyLetter Campaigns
- You must tell us where you got your list.
- Our unsubscribe link must be in all campaigns.
You must include your contact information inside every promotional email that you send, including a physical mailing address or PO Box where you can receive mail. (Not a website or email address.)
You may not falsify your contact information or subject line.
Even if you are outside the US, our servers live in the US. We have to make sure all US standards are observed.
We require that your emails comply with the US CAN-SPAM Act. If you break the rules, you could be liable for hundreds of dollars for each recipient that you sent non-compliant messages to.
In addition to CAN-SPAM rules, you must comply with the anti-spam laws of the countries your recipients live in. So if you're sending to UK residents and US residents, check the UK spam laws to make sure you're also UK compliant.
International Requirements By Country
These are either links to anti-spam legislation in countries outside the US or the name of the country's anti-spam law.
Spam Act 2003, Act No. 129 of 2003 as amended.
Commission de la protection de la vie privée, Le spam en Belgique Etat des lieux en juillet 2003, July 4, 2003
Canada’s Anti-Spam Legislation (CASL) amends the Canadian Radio-television and Telecommunications Commission Act, the Competition Act, the Personal Information Protection and Electronic Documents Act and the Telecommunications Act. It is very similar to CAN-SPAM but has some minor differences and covers all electronic messages, not just email. Check out CASL basics.
Section 06 of the Regulation of Electronic Communications and Postal Services Law of 2004 (Law 12 (I) / 2004 deals with unsolicited communications (spam)
Act No. 480/2004 Coll., on Certain Information Society Services
Article 13 of DIRECTIVE 2002/58/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 12 July 2002 concerning the processing of personal data and the protection of privacy in the electronic communications sector (Directive on privacy and electronic communications).
The EU body that addresses spam is The Contact Network of Spam Enforcement Authorities (CNSA).
The Directive is implemented by each member state independently so you will want to check with your particular country law for more details.
Falls under the Commission Nationale de l'Informatique et des Libertés (CNIL) [National Data Processing and Liberties Commission], Electronic Mailing and Data Protection (Oct. 14, 1999) (French) CNIL Guidelines on email marketing.
Art. 7 German Unfair Competition Law (Gesetz gegen Unlauteren Wettbewerb) (UWG)
Art. 202a, 263, 303a, 303b of the German Criminal Code Art. 6 of the German Law regarding Information Society Services Art. 28 Par. 4 of the German Data Protection Act
Italy's anti-spam laws are very strict. You can even be imprisoned for sending spam. If you're sending to Italian recipients, follow these guidelines as well.
Personal Data Protection Code (legislative decree no. 196/2003)
The Code transposed EC Directive 95/46 on the protection of personal data and EC Directive 2002/58 on privacy in electronic communications; it consolidated all Italian pre-existing laws and regulations in this sector.
DL 196/2003 Personal Data Protection Code • DL 675/1996 on privacy protection states, inter alia, that a company must have authorization from each user whose personal data (such as e-mail) they want to use. • DL 171/1998 (deriving from the European Community directive 97/66/CE) on telecommunications privacy protection: this put outlaws all automatic systems to call a user and says that all the expenses of an advertising must be paid by the company and not the user (faxes and e-mails are instead paid also by the user).
DL 185/1999 (deriving from the European Community directive 97/7/CE) on customer protection with respect to long-distance contracts: this obliges companies to seek the permission of the user for virtual or telephone sales.
Dutch law requires very explicit permission and heavily protects data and privacy.