As a business owner, like many of you I receive a lot of emails.
I'm constantly surprised by the number of them that are, quite simply, illegal- even from relatively large companies that should know better.
It seems to be widely unknown what content *must* be in an email.
There are several legal constraints that govern what you can and can't, and what you must, put in an email.
- Electronic Communications and Privacy Directive
- The Companies Act
- The Data Protection Act.
Let's take them in order.
Electronic Communications and Privacy Directive
When sending an email, you need to consider the address you're sending it to.
- is it addressed to an identifiable individual? E.g. is it to
[email protected] or to
[email protected]? If it's a personal email, you must consider whether there is a good reason to send the mail - "I want you to buy my product/service" is not a good reason, *unless* you have a prior commercial relationship with the recipient OR the recipient has agreed to receive email by signing up to a list of some sort ("opt-in" or "permission" marketing). Even if they have, you must provide a mechanism by which they can opt out, and opt-out requests *must* be honoured.
NB a prior commercial relationship does *not* mean because the recipient has an order going though your system that you can "spam" them about a completely unrelated matter.
Be especially careful if you are buying in lists of "prospects" - some list-management companies are more scrupulous than others about cleaning their lists. If you get ridiculously cheap offer for 10,000 addresses - well, if it seems too good to be true, it probably is.
The Companies Act.
As you may know, there are certain items that it is mandatory to have on any letterhead. What's less widely known is that the same information must be available on your website and in any "business communication"- which includes emails.
- the legal name of the trading entity; if you are a sole trader e.g."Joe Soap t/a Joe's Soapworks", otherwise the legal name of the company, and if you trade under a different name, a statement to that effect.
- if a limited company, you must list your company registration number and jusirdiction and your registered office. If your trading address is different, that should also be listed.
- at least one means of contact: an email address *and* a phone number for preference.
- if you are VAT registered, your VAT registration, even if you don't take e-commerce payment.
- if you are regulated by any organisation (e.g. FSA, ABTA, CQC), the relevant ID
Data Protection Act.
The DPA requires that data be "legitimately obtained" and only used for the registered purposes - depending on the data you keep, you may or may not have to be registered as a Data Controller, but even if not you must abide by the guiding principles.
The common practice of writing an email to a number of recipients is fraught with danger- you should *never* send an unsolicited email with a number of unrelated email addresses in clear. Always send to a single "sacrificial" address with the other addresses as BCC - otherwise, by disclosing e.g. my email address to one of my rivals, you may have breached my rights under the DPA. This is especially serious if there is anything confidential about the relationship that could cause harm if inappropriately disclosed.
Finally - not a legal requirement but a sensible rule nevertheless: *do* make sure your emails pay attention to spelling, grammar and punctuation; it may *feel* like instant messaging but your email is more like a business letter, it may be preserved for years and you *will* be judged on presentation as well as content.