• Trust
  • Submit a request

    • Need assistance with your Emarsys product?
    We'll get you the help you need!

     

    Emarsys client

     

    Emarsys client
    SAP for Me Login

    You can contact our support team via the SAP for Me.

    The Emarsys component: CEC-EMA

    		Login to the Help Portal and Submit your request. 
    1. Emarsys
    2. Getting Started
    3. First Steps

    Email compliance self-assessment
    Updated

    This article is to help you conduct your own audit, by drawing your attention to the areas where you need to be most careful.

    Important note

    With increasing pressure on data and marketing compliance, your emails are scrutinized more than ever. Achieving high levels of compliance will help building a successful digital marketing program.

    Compliance basics

    Legal compliance
    Your marketing program complies with local data protection, privacy, marketing and advertising laws.
    Your marketing team is given the training, monitoring and support necessary to understand and comply with local laws.

    Digital marketing self-assessment

    Our self-assessment process helps you understand how to make your digital marketing program more successful so your emails can be delivered more effectively.

    For those recommendations, you may need to involve your technology, marketing, legal and website teams.

    Use of personal data
    You have an internal data retention policy or a customer lifecycle process which defines when customer data should be deleted.
    You explain your data lifecycle or data retention policy to your customers, either when collecting data or via an easily-accessible section of your Privacy Policy.
    You have processes in place to delete data when it is no longer needed.
    Your email marketing lists
    You can differentiate between active and inactive recipients
    Use your definition to create a split based on your contact base Full mailing list
    Active contacts
    Inactive contacts
    Unknown
    Your emails and marketing campaigns
    All your marketing emails contain an easy-to-use unsubscribe link.
    All your email content is in line with the expectations of the recipients.
    All your emails identify your brand which your recipients can recognize:
    • The From name and From email address identify your brand.
    • Links go to your website.
    • The branding reflects your website branding.
    • The email footer information satisfies local legal requirements.
    • When sending third party content, relevant explanatory information is included.
    Sign-up, registration forms and opt-in processes
    Marketing consent is optional and has all of the following:
    • It is managed separately from other agreements.
    • It requires a “positive action”, such as an optional email field which is labeled as being for marketing purposes, an un-checked box or radio button, or some other separate and distinct action indicating consent.
    For customer “soft-opt-in”, where an email address is collected as part of the sales process:
    • Marketing consent is optional during the checkout process and it is easy to opt out.
    • All future marketing consent is related only to that specific sale, product or service.
    All the information collected is necessary.
    • There are no unnecessary mandatory fields.
    • It is clear why each piece of personal information is collected.
    Opt out
    • Customer can easily opt out of marketing emails.
    Privacy Policy / Privacy Notice
    Your Privacy Policy is easily accessible during your sign-up and account creation processes.
    • The Privacy Policy is easy to find.
    • The Privacy Policy can be accessed without interrupting the sign-up or account creation process.
    Your Privacy Policy is easy to read.
    • The Privacy Policy can be read on a mobile device.
    • Privacy information is written in language appropriate for the audience.
    • The layout is easy to navigate.
    Your Privacy Policy explains how you use marketing data.
    • Marketing communications are explained.
    • If you collect other personal, demographic or behavioral information, that usage is explained.
    • If you share marketing data, that sharing is explained.
    Your Privacy Policy explains data subject rights.
    • You provide contact details for your company and your Data Protection Officer.
    • The different marketing unsubscribe options and preferences are explained.
    • Rights relating to data erasure and processing are explained.
    • If you share marketing data, rights relating to that sharing is explained.

    CSA allowlist

    As an Emarsys customer you can take advantage of our CSA certification. This certification is evidence of the highest standard in responsible digital marketing.

    CSA-certified senders like Emarsys must agree to comply with strict legal and technical quality standards for email. In return, their IP ranges are added to allowlists and receive priority inbox placement from the ISPs that respect these allowlists.

    What is CSA certification?

    To learn more about what the CSA is, watch this short video.

    CSA additional requirements

    CSA / Platinum Sender - additional requirements
    In addition to what is described in Your emails and marketing campaigns, above, your emails templates must use one-click List-unsubscribe.
    In addition to what is described in Sign-up, registration forms and opt-in processes, above, your sign-up forms must contain:
    • Text describing the unsubscribe process next to the collection of email address and opt-in.
    • A description of the type and content of the emails that are being subscribed to.
    • No mandatory fields other than email address for purely email opt-in.
    • The names of any companies (up to 10) that you send emails on behalf of - not just a reference to “other trusted partners” or similar.
    In addition to what is described in Privacy Policy, above, this document must contain:
    • Your company name (not just brand name), address and VAT/Sales tax number.
    • Your contact details (physical address, email address, phone number).
    • The contact details of your Data Protection Officer or other authorized representative.
    • The names of any companies (up to 10) that you send emails on behalf of - not just a reference to “other trusted partners” or similar.
    • The names of any third parties who process data for you, if that is the case.
    • A clear statement that no data is shared with any other third parties, if that is the case.

    Sending via a CSA allowlist member IP range is expected by ISPs in Germany, Austria and Switzerland.

    Resources and references

    Was this article helpful?
    0 out of 0 found this helpful
    Return to top