Are You Illegally Using Your Email List?
You own your email list. But that doesn’t mean you can do anything you want with it.
Discover what you need to know about the legal side of having subscribers.
Types of Lists Services
Not all list services are created equally. And, some have more restrictions than others.
Let’s have a look at a couple of list service types.
Third-Party List Service
This is a software company you pay for services to help you collect and manage a database of email addresses. They may also offer email templates, tracking, and scheduling options.
Popular companies include Mailchimp, MailerLite, Klavyio, and more.
Platform List Service
This is a software company that primarily provides a paywall service, like memberships/courses, or some other type of private access to content. They also offer ways for you to collect and manage a database of email addresses for your customers.
Popular companies include Kajabi, Patreon, Substack, and more.
Export Email Lists
All list service providers and most all platform list services state that you own your email lists.
And, most all of them have a way for you to export email lists too.
That’s perfectly fine. In fact, you should download a copy of your email lists on a regular basis, like once every 3-6 months. That way you have a backup should anything catastrophic happen with the service provider.
Import Email List
But importing a list is a whole other ballgame.
For example, let’s say you have a WordPress website and you already have a newsletter list for it through a third-party service provider.
And then later you started a Publication on Substack.
You can’t take your email list from Substack and import/upload it to your site’s newsletter list.
It is illegal for you to add anyone to any email list without their expressed consent.
In our example, subscribers to your Substack Publication did not give you permission to add them to another list.
If they unsubscribe from your Publication, and they receive an email from your third-party provider, they most definitely can report you for spamming them, or not protecting their privacy.
There are multiple federal and state laws against this practice including:
· CAN-SPAM Act
· Electronic Communications Privacy Act (ECPA)
· California Consumer Privacy Act (CCPA).
· And if they live in Europe, the GDPR.
Permissions and Loopholes
Let’s explore another example.
Let’s say you have a list on Mailchimp and you want to move to another provider, like Klavyio.
You’ll be using the new list for the same purpose as you did before.
But, there is no way for the new list service to know that.
When you import/upload an email list to a service provider, they can take one of at least two steps to ensure you have permission to add subscribers to this list, including:
· Double-optin, where they send an email to the subscriber to ask if they want to be on this list.
· Checkbox for agreement that you have permission to put these people on this list.
Double Optin Caveat
With the double-optin, you could lose more than half of your subscribers, even if you notified them previously that you were going to be adding them to a new list or new provider.
Checkbox Caveat
With the checkbox agreement, you have waived any legal obligation on the part of the provider.
So, if someone reports you, or sues you, for spamming them on a list they never gave permission to be on, that’s all on you. The service provider cannot be held accountable.
Now, if you’re using it for the same purpose as you did before, and this is the same list that subscribers opted into, there shouldn’t be an issue with you checking that box. It’s not like you are adding someone to a different list.
Privacy Policy Promise
If you have a privacy policy available on your site (and you should), and it says that you will not share or sell your email list, then you need to be super careful where you upload that list.
For example, if you want to run Facebook Ads, the very first thing it wants you to do is upload your email list.
If you do, you just broke your Privacy Policy agreement because I 100% guarantee that Facebook will use those emails for their own marketing purposes.
If you add someone to another one of your own lists, same thing, you just broke your promise to them.
Do This Instead
Let’s say you have an email list for something like a product or membership.
If your setup allows you to also auto add them to your newsletter list, simply include a statement in their purchase that they will be added to both.
The problem with this is that you will also need to offer them a way to unsubscribe to either or both. That protects both of you, as you would not want someone to be unsubscribed from your newsletter if they only drop a membership subscription or such.
If your setup does not allow for that type of auto inclusion, then you can simply ask folks to subscribe to your other list and explain the benefits of doing so.
You can include that request in their confirmation email when they purchase your product. You can also set up an automation to send them that request a few days or weeks after their purchase.
Are You Legally Handling Your Email Lists?
Let me know if all this is news to you, or if you have a workflow to help folks move from one of your lists to another.
Disclaimer
I’m a LONG-time list owner. In fact, I own multiple lists for multiple sites. But I am not a lawyer. The information presented here is for educational purposes only. Be sure you do your own research too.
Hi Maanna
So, if I download my Substack email list (for back up purposes) and store it on my computer or in my Cloud account, am I compliant with GDPR? I wouldn't use that list for anything other than back-up should Substack go down the tubes. And then, if they did, I'd write to everyone and explain what's happened, and what I intend to do, and then ask them if they want to re-subscribe to my new set up.
I ask because someone I was talking to seemed to think that downloading the email list wouldn't be compliant. (I'm in the UK).