Rules around direct marketing / eDM
O*NO! While digital marketing has HUGE potential, it also involves big financial and reputational risks. So what are the rules for eDM to be legally compliant? And what do you need to consider in order to use eDM to effectively build relationships and grow your business?
What is eDM?
eDM or electronic direct marketing involves targeted marketing comms communicated directly to subscribers. It is more than just email marketing. Although eDM may start with an email blast, they typically follow up with retargeting ads across multiple social media channels, Google/Youtube, SMS, or offline advertising. It allows you to retarget comms to subscribers who click on links via other channels.
There are certain ‘rules’ to achieving a positive ROI with your eDM. Spamming your email database does not encourage sales. There is a LOT of BS to cut through, as everyone is constantly inundated with marketing. It takes time to build trust, and success can depend on the value of your offer. You might start to build trust by providing regular information of value to your prospects, in a genuine attempt to relate. Segmenting your list to avoid coming across as spammy can also protect your reputation. The aim should be to strategically connect with your ideal recipients to maintain the best engagement possible. Campaigns should have goals corresponding to a clear CTA which can be tracked.
So how can you ensure your eDM is legally compliant?
When sending electronic comms using personal information, two overlapping areas of law are key to ensuring your eDM is legally compliant..
While the Privacy Act regulates the processing and sharing of personal information and using tracking technologies such as cookies, the Spam Act sets out rules businesses must follow when sending eDM. Both the Spam Act and the Privacy Act involve issues of consent.
Direct marketing rules under the Privacy Act
Under Australian privacy laws, the rules around collecting and using personal information apply to businesses subject to the Privacy Act. Consent is a valid ground for using someone’s personal information for digital marketing and can be obtained through specific provisions in your privacy policy. Other grounds include where someone would reasonably expect their personal information to be used for direct marketing via those channels (eg email, SMS, etc) in the course of your business.
In any case you must provide an easy way to opt out of receiving direct marketing. And that’s where the spam laws also come into play.
What are the Spam rules ?
The Spam Act rules how businesses directly communicate with consumers through email, SMS and other electronic means. Three things you need to know here are consent, identification and opting-out. You must:
Obtain consent - either express or inferred. Express consent includes actively ticking a checkbox (not pre-filled) or filling in a form which gives permission. Consent can be inferred from an individual’s conduct or the relationship they have with your business, like if they knowingly give their info and it is reasonable to believe they would expect to receive marketing messages from your business. This may be so if there is an ongoing relationship through a subscription, account, or membership, and the marketing is relevant to that relationship or their level of engagement.
Clearly identify your name, business and contact details in all comms. Yours or your business’ name should be clearly visible in the ‘from’ field or subject line of emails or when looking at the sender info received through SMS.
Make it easy to opt-out or unsubscribe from every promotional message. The new Spam Regulations 2021 restrict businesses from asking for any personal information or account login details in order for consumers to unsubscribe. Businesses who use links to ‘manage preferences’ to facilitate unsubscribes risk breaching the Spam Act if they require recipients log into an account, or to provide any personal information in addition to the electronic address.
What about tracking ?
eDMs often involve tracking engagement to understand how your campaigns may or may not be achieving your objectives. Key metrics to assist with planning future campaigns include your open rate, clickthrough rate, and unsubscribe rates.
Enabling analytics to obtain remarketing data can take this even further. But it also raises complex privacy issues around the placement of cookies and data tracking. Transparency is key to your obligations here. You will be required to notify visitors if you enable data tracking and to explain why and how this data will be used and disclosed. We suggest you include this explanation in your privacy policy.
Key takeaways
Is it time for a review of your current marketing practices? Are you striving for targeted engagement, or is your reputation at risk?
How do you obtain valid consent? Does everyone in your agency understand the legal requirements?
Review your unsubscribe processes. DON’T force people to give extra personal information or require them to login.
If you intend to use third party analytics or place cookies that enable tracking, give notice and check if your privacy policy allows you to do so.
Your Next Steps
If you need specific advice on digital marketing, get in touch. We can help you understand which rules apply to your business. We will be running training on these topics in the future, so please let us know if this peaks your interest! In the meantime, if you want to ensure you don’t have any hidden risk areas in your agency book a FREE 10 minute chat with our team here.
Boring legal stuff: This article is general information only and cannot be regarded as legal, financial or accounting advice as it does not take into account your personal circumstances. For tailored advice, please contact us. PS - congratulations if you have read this far, you must love legal disclaimers or are a sucker for punishment.