LIVE: Last-Minute BFCM Ad Hacks
Days
Hours
Minutes
Seconds
Upgrade Your Holiday Ad Strategies
As we build an intent-based advertising network that’s beneficial for consumers, brands, and publishers, we at Customers.ai are conscientious of privacy and in compliance with laws and regulations regarding compliance.
Disclaimer: This webpage regarding the CAN-SPAM Act and GDPR is intended solely for informational purposes and is not intended to constitute legal advice or to create an attorney-client relationship with Sunstein LLP. This is not intended to be an exhaustive summary of all requirements of the CAN-SPAM Act or GDPR. If you have questions about complying with the CAN-SPAM Act or GDPR, contact your legal counsel.
Last update: July 26, 2024
There’s a lot of confusion about sales outreach, the United States of America’s CAN-SPAM Act of 2003, the European Union’s General Data Protection Regulation, and California’s California Consumer Privacy Act of 2018. We will clear up this confusion as best we can below.
Customers.ai’s X-Ray tool is compliant with the CAN-SPAM Act of 2003.
Customers.ai’s X-Ray tool is compliant with the European Union’s General Data Protection Regulation. Our compliance is achieved by excluding email addresses owned by people in the European Union.
We will now explain what The CAN-SPAM Act requires. The CAN-SPAM Act, according to the Federal Trade Commission, applies to all commercial messages, defined as “any electronic mail message the primary purpose of which is the commercial advertisement or promotion of a commercial product or service,” including all email that promotes content on a commercial website.
The CAN-SPAM Act has 7 fundamental requirements:
Let’s go one by one.
The “From,” “To,” “Reply-To,” and routing information (including the originating domain and email address) must be accurate. They must identify the person or business who initiated the message.
Customers.ai does not allow users to manipulate this information in our system.
The subject line must reflect the content of the message.
It must be clear and conspicuous that the message is an advertisement.
A business is required to include a valid physical postal address in its email. This can be:
A business’s message must include:
You may give recipients an option to only opt out of certain emails from you but you must always include an option to opt out of all emails. Customers.ai does not allow senders to remove opt-out links from email communications.
No matter how you choose to accept opt-out requests, the option must be able to process opt-out requests for at least 30 days after the email is sent.
You must honor the opt-out request within 10 business days of receiving. If you are sending emails via Customers.ai’s system, this will be done automatically.
You cannot charge a fee as a condition of honoring the opt-out request.
You cannot require the recipient to give you any personally identifying information other than their email address as a condition of honoring the opt-out request.
You cannot make the recipient take any step other than sending a reply or visiting a single page on an Internet website as a condition of honoring the opt-out request.
Once someone has sent you an opt-out request, you cannot sell or transfer their email address. The only exception is that you may transfer the email addresses of people who have opted out to a company you’ve hired to help you comply with the CAN-SPAM Act.
Even if you hire another company to do your email marketing, you are still responsible for complying with the CAN-SPAM Act. Both you and the company hired are legally responsible.
If you do these things, you will be compliant with the CAN-SPAM act. If you do not, you may be in violation. Each separate email in violation of the CAN-SPAM Act is subject to penalties up to $50,120.
You are not required by the CAN-SPAM Act to attain an opt-in before sending someone a commercial email. You are only required to do the above.
For answers to frequently asked questions about the CAN-SPAM Act, please visit “FAQs about the CAN-SPAM Act.”
Customers.ai excludes EU citizens and residents.
According to the European Union, the GDPR applies to anyone who processes the personal data of EU citizens or residents, or who offers goods or services to such people. If you met either criteria, the GDPR applies, even if you’re not in the EU.
There are two tiers of fines for violating the GDPR. They max out at €20 million or 4% of global revenue (whichever is higher). Data subjects also have the right to seek compensation for damages.
The GDPR’s Article 6 outlines the only instances in which it is legal to process personal data.
Here is the information as outlined on the GDPR website.
Under no other circumstances are you permitted to collect, store, or sell an applicable person’s data.
Generate more leads and meetings for your sales team with automated inbound lead capture, qualification, tracking and outreach across the most popular messaging channels.