Stay Compliant with CASL

Mailchimp's signup forms, lists, and campaigns can help you manage CASL requirements.

This article is provided as a resource, but does not constitute legal advice. If you have more questions, we encourage you to contact an attorney in your area who is familiar with this issue.

Required Message Content

CASL requires that you include a few pieces of information in each campaign you send.

• your name and/or company name
• physical mailing address
• contact information
• an unsubscribe mechanism, like Mailchimp's Unsubscribe merge tag

Luckily, Mailchimp's Campaign Builder includes a drag-and-drop Footer content block, that pulls that required content into the campaign with merge tags. To make sure your merge tags display the right information, visit the Required email footer content page.

1. Navigate to the Lists page, and choose the list you're working with.
2. Click the drop-down menu next to the list you want to work with, and choose Settings.
3. Click Required email footer content.
4. Edit fields as needed and click Save.

Most footer templates already contain the unsubscribe merge tag, *|UNSUB|*. Take a quick look in the Campaign Builder to verify the tag is there. If it isn't, follow these steps.

1. In the Content section of the Campaign Builder, click Edit Design.
   
2. On the Design step, click the footer block.
3. In the editing pane, type in the tag *|UNSUB|* or choose the Unsubscribe Link option from the Merge Tags drop-down menu.
   
4. Click Save & Close.

If you send a lot of campaigns, or have several users on your account, you may want to add the required information to a campaign and reuse it, or create a template.

Send a Consent Campaign

If a lot of the people on your list have only given you implied consent to receive your messages, you'll need to ask those subscribers to explicitly opt-in to receive your Mailchimp campaigns.

There are a few steps to this process.

• Create an express consent group in your list
• Add required content to your Update profile form and Signup form
• Create an Update Profile campaign
• Segment your list for compliant subscribers

Create an Express Consent Group

1. Navigate to the Lists page.
2. Click the drop-down menu next to the list you want to work with and choose Manage contacts.
   
3. Click Groups.
4. Click the Create Groups button .
5. On the Groups page, click As checkboxes.
6. Type a clear, concise description into the Group category field. (48 character limit)
7. In the Group names field, enter "I consent" or similar statement.
   
8. Use the minus icons to remove extra group fields.
9. Click Save.

Add Required Content to Forms

Your contact information and a description must appear on both your Signup form and Update profile form.

1. Navigate to the Lists page.
2. Click the drop-down menu next to the list you want to work with and choose Signup forms.
   
3. Select Form builder.
4. Choose Signup form or Update profile form from the drop-down menu. (Be sure to update both forms.)
   

On the Build it tab, add header content block that includes the purpose of your request, a content description, your contact information and a statement that recipients can unsubscribe at any time. (Here are some acceptable language samples from CRTC.)

You may also choose to edit your Update profile email and Update profile email "thank you" page to reflect CASL's changes.

Create an Update Profile Campaign

After you've created the consent group and updated your forms, it's time to create a campaign whose primary focus is a link to the Update profile form.

Build a campaign as you normally would, and use the merge tag *|UPDATE_PROFILE|* as the link for text, an image, or a button somewhere in your campaign. We'll replace the merge tags with a URL of the subscriber's update profile page anywhere the merge tag appears. To add the merge tag, edit a content block and type the merge tag into the Web Address (URL) field for the text, image, or button you want to link.

Preview and test your email campaign as you normally would, and send it to your complete list.

To get the greatest response from your subscribers, you may need to send your Update Profile campaign a couple of times. You could even use an A/B Testing Campaign to test the most effective day or hour, to make the most of each send.

Each time you send the Update Profile campaign, be sure to segment your list. Remove anyone in the new consent group as well as new subscribers who signed up after the date you updated your signup form, so you don't ask them to consent twice.

Segmenting in the Future

To comply with CASL, you can only send to subscribers who have given express consent. To do this, bulk unsubscribe all subscribers who aren't in the consent group and who signed up before you updated your signup form. To remain in compliance and keep a healthy list moving forward, y ou should remove out-of-date subscribers no later than one year after you start the signup or cleaning process.

Export Proof of Consent

To get proof of consent data, just export your list. If you only want to see who's in the consent group, view or export segments of your list. You may want to keep a copy of your signup form also, in case you need to prove that the form included all of CASL's required information.

When you export your list, you'll get a CSV file with a lot of columns and a ton of information. Look for these columns:

• OPTIN-TIME: If double opt-in is turned on, this column will display the date and time the contact clicked the link in the opt-in confirmation email.
• OPTIN_IP: If double opt-in is turned on, this column will display the IP address when they accessed your hosted signup form.
• CONFIRM_TIME: When the person originally clicked to join your list.
• CONFIRM_IP: The IP address from which they confirmed their subscription.

Mailchimp tracks this information through your signup form, so we can't determine it for subscribers you import. To be safe, you should also have proof of consent for imported subscribers in a separate document or in hidden text fields in your Mailchimp list.