Call us on 0439 033 362

If you want to do email marketing in Australia (and you do!) you need to be sure you’re sending emails but you’re not sending spam. That means you need to comply with the Spam Act 2003. Here’s a quick guide to how to do it:

What does the Spam Act cover?


The Spam Act applies to ‘commercial electronic messages’.

Primarily, that means marketing emails. It also covers other kinds of electronic messages like SMS.

Now let’s look a little more closely at the content of electronic messages rather than the format.

  • If you send a special offer with an invitation to buy or reply, that’s clearly a marketing email.
  • If you send a newsletter with no direct offer or promotion, that’s still considered a marketing email. Why? The argument is that the purpose of the email is to develop a relationship so that at a later point you can sell or promote to them.
  • You probably also send some ‘transactional/operational’ emails. Appointment confirmations and reminders. Invoices, receipts, delivery notifications. These are also technically ‘commercial electronic messages’. What’s more, many companies take advantage of these regular operational emails for additional promotion of their business – for example adding a couple of lines with a link to the ‘product of the month’, a special offer or so on.

The last category rarely if ever generates complaints. That’s because these operational emails go to existing customers and prospects who are in the process of discussing business relationships. But they are still commercial electronic messages.

The best and safest option is to ensure that all automated messages your business sends out are Spam Act compliant.

You also need to make sure that if existing customers unsubscribe from your regular marketing email, they don’t also unsubscribe from the operational emails you need to send just to do business with them!

For this reason, it’s best to have at least two email lists – one for clients only, which you use for the operational stuff, and one for marketing, which can go to clients and prospects and leads – as long as it’s Spam Act compliant. Even if your invoices, appointment reminders etc are all one off emails, you may still want to consider a client list. It’s useful for things like holiday operating hours, or updates about coronavirus regulations or things like that. Being able to communicate with all your clients really quickly and easily is a good thing.

How do you comply with the Spam Act?

There are three core requirements for your email to comply with the Spam Act.

1. Your emails must clearly identify you as the sender

This is actually good business sense. You wouldn’t send a letter or invoice without saying it’s from you. Why would you send an email and not be clear who it’s from?

2. Your emails must include a functioning unsubscribe capability

This is essential. Anyone on your list has the right to opt out at any time.

If you’re sending through any email service provider (MailChimp, MailerLIte, InfusionSoft, AWeber, ConstantContact) or a CRM (Salesforce, Hubspot, Zoho), the provider will almost certainly include a link in your footer by default. You may or may not have the option to change the wording and format of this link, but you won’t be able to remove it entirely.

NoBull Marketing uses Mailerlite, and our email templates are set up with a footer with all the identity information and the unsubscribe link in it. Here’s an example:


If you’re sending marketing emails manually (yes, a few people still prefer this!), you need to have an unsubscribe capability.

You can include a link just saying please reply with unsubscribe in the subject line and handle it manually. It doesn’t look exactly professional, but you can do it. Just make sure you complete any unsubscribe requests within 5 working days.

3. You must have consent

That sounds really simple. But what is consent? There are actually two kinds of consent, and the second – inferred consent – is where it gets complicated.

Express Consent

Express consent means that the subscriber has confirmed in some way that is visible and recorded that they would like to receive emails from you.

  • They could have sent you an email saying please subscribe me to your newsletter I’d love to get it.
  • They could have opted-in via a form on your website. This form confirms and records how and when they opted-in, what IP address they used etc. Most third-party software does this automatically.

There is a lot of advice saying that express consent requires double opt-in. That is, when someone signs up on your website, you send a confirmation email. They have to click and confirm on that email before you add them to your list.

In fact, express consent doesn’t necessarily require double opt-in. However, double opt-

in has other business advantages. It means you tend to get a smaller but more committed list. It’s really your decision.

Express consent does require that you tell people they are signing up for an email list and will receive regular emails, not just a one-off download.


Inferred Consent

Inferred consent is a little more complicated. How do you know that someone – not yet a client or even really a prospect – is happy for you to send an email to them?

Here are my guidelines:

  • Anyone who’s a customer has given inferred consent. They have a business relationship with you. Unless and until they ask you not to send them marketing material, there’s absolutely inferred consent to talk about business opportunities with you.
  • If somebody has filled out an enquiry form on your website, asked for information or expressed interest in communicating with you, you have inferred consent. They have made steps to discuss business opportunities with you. Send them marketing emails (either a newsletter or a nurture sequence) unless and until they unsubscribe.
  • When you meet somebody at an event and exchange business cards, you do not have inferred consent to add them to your email list.

That last one is important.

If you meet someone at an event and they give you a card, the natural ‘polite’ thing to do is to give them your card in exchange. That does not mean you ever want to talk to them again. It may just mean you want them to go away! So how can having a business card be a sign of inferred consent?

So how do you follow up on all those people you meet at networking events? (At least, the ones you met before Coronavirus, and the ones you hope you will meet after Coronavirus…)  I’ve explained my process in this earlier post about email list building. As a marketer, I don’t want to appear spammy and I don’t want to push boundaries. I want to start each and every relationship – even the ones which go nowhere – with integrity and good business practice.


International email marketing

Note that if you are conducting email marketing internationally. The European GDPR and the American CAN-SPAM requirements are pretty much the same. So if you comply with the Spam Act, you probably comply in other countries you are working in. The only thing to check is double opt-in requirements.

Consent issues when you first start email marketing

It’s also worth taking a closer look at consent if you haven’t been email marketing and you decide to start. What is the position with ex customers or old enquiries?

You were in a conversation at one point, but it’s been a while. Inferred consent may well have lapsed. And you can’t send them an email asking them if you can add them to a mailing list – because you don’t have inferred consent to send that email!

Rule of thumb about timing:

  • For most businesses, if you’ve had no contact for 6 months, consent has lapsed.
  • Some businesses may have inferred consent for longer. For example, if you offer annual pest inspections, or horoscopes, or equipment servicing, you could argue inferred consent for 12 months from last contact. But make sure you have a good case.

Options to proceed:

  • Limit your starting email list to current clients and prospects. This is by far the safest and most compliant.
  • For lapsed contacts, you could consider a general database cleanup exercise. So you contact them asking them to review the data you have and give them options like:
    • remove all our data not required for legal purposes
    • keep our data, with the amendments and updates provided.
      If they choose the latter, one of the updates they can make is to opt in to your marketing emails. (One or more lists, depending on how advanced your segmentation is.

This second option is very respectful and non-aggressive – however, it is potentially a technical breach of the Spam Act. Be very careful if you choose to do this. And think like a business – is it worth it? Realistically, is there an opportunity for business with these contacts? Because if there isn’t, why do it at all?

Summing Up

It’s not only simple to comply with the Spam Act, it’s also good business sense.

Modern email platforms make it really easy to set up and manage. You just need to make sure you know what your systems and processes are.

If you need any help sorting those out, we’re happy to help. We may be able to fix the whole thing in your first complimentary meeting too, which means it won’t cost you a penny! All you need to do is book a time to talk.



You might also like