🎉    We’re live on Product Hunt right now.    🎉

Chapter 2 – How to Get Legal Permission from your Email Subscribers

Perhaps the quickest and most sure-fire way to obliterate your relationship with your audience is by emailing them without permission.

Ever had someone crash your dinner party without a formal invite?

(I have)

Let me tell you: It’s weird. It’s intrusive.

That’s how it feels (to a lesser degree of course) when someone receives an email without giving that person permission to contact them.

It’s disrespectful and it’s an easy way to lose your sender reputation and find yourself in the spam folder.

Think of the email address like an online social security number. It’s the identifier for everything that a person does online. And people only give it away to others that they absolutely trust.

At this point, it probably goes without being said. But I’m going to say it.

Never add someone to your list who didn’t give you permission to add them to your list.

But, that brings up an important question: how do you get permission to add people to your list without personally asking every single website visitor?

Great question.

The most common (and probably most effective) way to do this is by telling the person exactly the kinds of things that you’re going to send them when they put in their email address via an opt-in form.

(Image Source)

Don’t try to be deceptive. If you’re going to add them on your regular email list, make it appealing by telling them exactly the kinds of quality content you’re going to be sending them.

Also mention how often you’re going to email them to set healthy expectations.

(If they’re expecting to get one email per week and you email twice per day, that’s going to be jarring)

And voilá!

You have permission to add the person to your email list and you didn’t have to ask them personally.

But, before we move on, a few quick things you should know about GDPR and CAN-SPAM regulations.

Without getting needlessly into the weeds, here are some bullet point guidelines.


Regardless of where you’re located, you must follow GDPR regulations for anyone on your email list who’s located in the European Union.

  • You must have a valid reason for collecting personal data. There are 6 legal justifications.
    • You have explicit consent from the user to use their data.
    • You require the data to fulfill contractual obligations with the user.
    • You require the data to comply with another law.
    • You require the data in order to protect someone’s life.
    • You are a public authority and need the data to fulfill your duties.
    • You require the data because you have a “legitimate interest” in the data.

Here’s how a helpful author on Medium sums this up:

“In general, you are expected to use the most limited justification possible and have an actual business need for all the data you are collecting.

Furthermore, you need to pick your legal justification for collecting the data before you collect it and you need to tell the user your justification at the time you collect the data. For example, you can’t tell a user that you need their address to ship them a product and then turn around and resell that address to an advertiser.”

  • You must keep the user’s data secure.
  • You must keep proper documentation of your reasons for collecting data and how you use that data.


A United States law, CAN-SPAM strives to protect the user’s rights via email interactions with businesses.

  • You must use accurate header information to identify who sent the message.
  • The subject line should reflect the content of the email.
  • A commercial message must be clearly identified as an advertisement.
  • You must include a physical postal address in your email.
  • You must include the necessary opt-out options in every email.
  • You must adhere to a subscriber’s request to opt-out from your email list within 10 business days at the latest.
  • The message sender takes responsibility for its content even if an outside vendor is contracted to execute the service.

Ignore these laws at your own risk…

Neglecting these rules will quickly land you in the spam box or worse, get you banned from your email provider of choice. So it’s important to do your due diligence on these before trying to grow your email list. Here are a few more things to keep in mind:

  • Never buy or sell email addresses. This is a sure-fire way to get in trouble.
  • Send only to those who know your brand and have given you permission to email them.
  • Above all, be respectful.

Remember, behind every email address is a person. A human being just like yourself. Someone with wants, desires, frustrations, opinions, and a personality.

Since you want to do right by your email subscribers, always remember that you’re interacting with real people.

And if you ever want to try something which might impede on your email subscribers’ right to privacy, ask yourself “How would I feel if someone did this with my information?”

Asking that question will save you a lot of headaches in the future.

Next chapter
Chapter 3 – How to Select the Right Email Marketing Software for Your Business
10 min
Chapter 3 – How to Select the Right Email Marketing Software for Your Business
10 min