CASL is a new anti-spam law that will apply to all electronic messages (i.e. email, texts) organizations send
in connection with “commercial activity.” Its key feature requires Canadian and global organizations that
send commercial electronic messages (CEMs) within, from or to Canada to receive consent from recipients
before sending messages.
Note- CASL does not apply to CEMs that is simply routed through Canada.
Commercial Electronic Message
A CEM is any electronic message that encourages participation in a commercial activity, such as an email
that contains a coupon or tells customers about a promotion or sale. That said, a message that includes
hyperlinks to a website or contains business-related information does not make it a CEM. CEMs must be sent to
an electronic address to be caught by CASL. Confirmations of successful unsubscribes, courtesy SMS sent to
roaming customers, and publication of blog posts on micro-blogging and social media sites are out of scope.
What constitutes consent?
To send a CEM, organizations must need to express consent from recipients-either orally or in writing.
Written consent can be electronic. The sender must provide a separate request for consent, which can not be
bundled, pre checked boxes. The sender must keep records of what was shared in the request of consent when
the recipient consented.
How do we get consent from our recipients?
When requesting consent, we provide recipients with:
The name of the person or organization seeking consent
A mailing address and either a phone number, voice message system, email address or
The website where recipients can access an agent for more information
A statement identifying the person on whose behalf consent is being sought
The identity and contact information of any third-party or affiliate used to obtain consent
A free unsubscribe procedure that lets recipients electronically opt-out of communications
The ability to opt-out of all types of communications sent by either your organization or a third-party partner
Implied vs. Express consent
The CASL law defines two types of consent: implied and express.
Implied consent includes when:
A recipient has purchased a product, service or made another business deal, contract, or membership with your organization in the last 24 months;
You are a registered charity or political organization, and the recipient has made a donation or gift, has volunteered, or attended a meeting organized by you; or
A professional message is sent to someone whose email address was given to you or is conspicuously published, and who hasn't published or told you that they don't want unsolicited messages.
If your recipients don't meet any of the above criteria, then express consent is required before you can send campaigns to them.
Express consent includes when:
A clear and concise description of your purpose in obtaining consent
A description of messages you'll be sending
Requestor's name and contact information (physical mailing address and telephone number, email address, or website URL)
A statement that the recipient may unsubscribe at any time.
The requestor can be you or someone for whom you're asking.
If you're requesting consent on behalf of a client, the client's name and contact information must be included with the consent request.
Express consent means written or oral agreement to receive specific types of messages, for example, "You want to receive monthly newsletters and weekly discount notifications from Company B."
For more information contact us at firstname.lastname@example.org.
Reference- Canada’s Anti-Spam Legislation (CASL)
The California Consumer Privacy Act (CCPA), enacted in 2018, creates new consumer rights relating to the
access to, deletion of, and sharing of personal information that is collected by businesses. It also requires
the Attorney General to solicit broad public participation and adopt regulations to further the CCPA's
purposes. The proposed regulations would establish procedures to facilitate consumers’ new rights under the
CCPA and provide guidance to businesses for how to comply. The Attorney General cannot bring an enforcement
action under the CCPA until July 1, 2020.
The California privacy law applies to businesses that operate in the state, collect personal data for
commercial purposes and meet other criteria like generating annual revenue above $25 million. It gives
Californians the right to see, delete and stop the sale of the personal details that all kinds of companies
— app developers, retailers, restaurant chains — have on them.
What does the California Consumer Privacy Act do for citizens?
Gives You Ownership
Protect your right to tell a business not to share or sell your personal information.
Gives You Control
Gain control over the personal information that is collected about you.
Gives You Security
Hold businesses responsible for safeguarding your personal information.
How We Become CCPA Compliant
We took a very aggressive stance by all mechanics to give people control over their data.
Refreshing protection approach with data on how, why and what individual data you gather and procedure.
Refreshing protection approach with data on how your clients can demand access, change, or deletion of their own information that you have gathered.
Presenting a strategy for confirmation of the personality of the individual creation such demands.
Presenting a "Don't Sell My Personal Information" connect on your landing page. It will serve clients to deny the selling of their own information from our side.
Acquiring earlier assent from minors 13-16 years of age before selling their own information. For minors more youthful than 13 you need to get earlier assent by their folks.
Under the CCPA, California residents (“consumers”) are empowered with the right to opt-out of having their data sold to third parties, the right to request disclosure of data already collected, and the right to request deletion of data collected.
For more information contact us at email@example.com