Updates from the CSA: Email footers and data retention – Emarsys

Data protection and transparency have always been core tenets of Emarsys – even before GDPR came into force on 25th May, 2018. These high standards are the basis of our certification with the Certified Senders Alliance (CSA), which manages an allowlist to ensure safe delivery of emails in several ISPs and mail providers. Its quality standards cover legal and technical admission criteria.

We would like to inform you of two recent changes to these standards.

Email footer requirements
Data to retain following a GDPR data deletion request

As of 25 May 2019, in every email you send an easily recognizable legal notice must be contained as full text.

This means it will not be enough to just link to that information on a web page.

The legal notice must contain the following details:

Name of supplier, and in the case of companies, corporate name and legal form.
Authorized representatives (in the case of legal entities).
Postal address at which the sender can be summoned (i.e. not a P.O. box).
Email address.
Telephone number.
Fax number, if applicable.
If available, commercial, cooperative, association, or partnership register number.
If available, VAT identification number and/or business identification number.
In the case of journalistic and editorial content, the name of the publisher.

Further obligations to provide information in accordance with national laws are not affected.

You can find an example of a compliant legal notice for a limited liability company as well as additional background information here:

“eco Directive for Permissiblee-Mail Marketing” on pages 29 et sqq.
“CSA Admission Criteria” under number 2.4

It is most likely you are not affected by this change, as your templates should meet these requirements already because they have long been best practice policy.

However, if you notice otherwise or have questions relating to this, please don’t hesitate to get in touch with your Success Manager.