The Importance of Following the Rules and Regulations of Email Marketing.

Updated: Sep 14, 2021

When carrying out your email marketing activities, it is vital that the contact database being used is managed correctly and emails are only sent to those appropriate. There is a multitude of rules and regulations surrounding email marketing that must be followed to avoid penalties and fines.

The contact information of all of your recipients should comply with GDPR regulations and be handled appropriately under PECR guidelines. If this data does not conform to these standards, it can put your business at risk of serious consequences from the ICO. (Information Commissioner's Office).

In this article, we’ll be delving into the importance of following the rules and regulations of email marketing and how avoiding these procedures can result in severe ramifications for your business.

The GDPR and PECR Guidelines.

If you are using email to send marketing content to a database of contacts, you will need to follow the GDPR and PECR guidelines. These rules outline the correct approach to sending marketing emails and managing the contact information of your recipients. Even when just sending one simple marketing email, these rules will need to be strictly followed in order to stay within the law. It is important for any business carrying out these email marketing activities to understand the guidelines and stick to the rules to avoid repercussions.

So, what exactly do these rules and regulations mean to your business and how do they affect the way marketing emails are sent?

Personal Data

Developing email marketing campaigns involves the management and processing of personal data. When dealing with this personal data, it is important that the contact information is stored safely and appropriately under GDPR guidelines.

Each individual within a list of recipients being sent a marketing email must have consented to allow their personal data to be stored and processed. If this consent has not been given the personal data should be entirely removed and disregarded from a contact database.

Email contacts on a database of contact information stored on a computer.

Sending an Email

Similar to the management of personal data, sending a marketing email to an individual will require their consent in order to stick within the PECR guidelines. Before a marketing email can be sent to a recipient, they must first opt-in to receive the emails and be offered the right to opt-out at any time.

However, under certain circumstances, PECR rules state that direct consent is not always required. When developing an email campaign within the B2B environment, an email can still be sent to a recipient if they have a ‘legitimate interest’. This is what is called a ‘soft opt-in’ allowing businesses to send marketing emails to contacts that haven’t specifically requested to opt-in. Although it is important to keep in mind this rule does not apply to most B2C businesses and is only relevant to businesses that meet a certain criteria, such as many B2B organisations.

An email being sent to a recipient via a laptop.


As briefly mentioned, any recipient that receives a marketing email should have the right to opt-out at any time. Most businesses will provide this option within the footer that includes the link to the page where they can unsubscribe. It is important that businesses have a clear option for recipients to opt-out if they are not interested anymore.

Once unsubscribed recipients will need to be removed from the current mailing list and added to a suppression list to ensure they will not be contacted again.

Two emails with one being unsubscribed and the other being subscribed to.

The Consequences of Not Following the Guidelines.

Despite all the rules and regulations issued by the ICO surrounding email marketing, businesses continue to get it wrong and ignore the guidelines on how to appropriately send marketing emails to their potential and existing contacts.

When these laws are breached, the ICO will conduct an investigation into the businesses that have been reported and action will be taken if evidence of breaking email marketing rules is found. The consequences of not following the guidelines set out by the ICO are often substantial fines to businesses, varying in size depending on the severity of the situation.

Below are just a few cases that we have highlighted, where businesses have broken the email marketing rules and had to face the consequences issued by the ICO. Ltd

On the 18th of May 2021, action was taken against a company called Ltd who sent 84,000 ‘nuisance’ emails to customers in 2020 during the height of the COVID-19 pandemic. Ltd are a ‘track-and-trace’ service provider to organisations that require records to be kept of individuals visiting their business, in line with government COVID-19 rules at the time. The business provided individuals with QR codes that could be scanned by customers entering a company’s premises. This allowed their details to be tracked so they could be contacted if any COVID-19 positive individuals were found at the location at the same time.

The business was first reported to the ICO when a complaint was made by an individual who had received an unsolicited marketing email on the 6th of November 2020. This complaint was made regarding an email that was received, thanking the individual for using the QR code to scan into a business, which the individual stated they did not consent to receiving. They believed they did not have any relationship with Ltd and shouldn’t have received the email.

Once the complaint was made, more information was obtained by the ICO, that revealed how the individual would have signed up to the marketing email. The individual had consented to the initial marketing email once their track and trace details were given. The first two emails that had been received did not raise any concerns with the ICO regarding the PECR rules. Yet the issue arose with the next two emails that were received. Ltd had made the error of deleting the recipient's contact information entirely once a contact had unsubscribed. This meant the next time they used the service to sign into another venue, the recipient would be added back to the mailing list and receive additional emails even after unsubscribed. The company failed to add the recipients who opted out onto a suppression list, meaning individuals were still receiving emails once their details had been entered for a second time.

Because the organisation breached the PECR guidelines for the sending of marketing emails even after unsubscribed, the business was issued a monetary penalty. The ICO gave a penalty to Ltd of £8,000, which was a reasonable and proportionate amount given the circumstances of the case.

If you would like to learn more about this case, more details can be found on the ICO website.

Studios MG Limited

On the 8th of October 2020, Studios MG Limited were found to have sent thousands of unlawful marketing emails to individuals without their permission.

The investigation into this case began when an unsolicited email had been received by an individual regarding the advertising of surgical masks. This email was reported to the ICO, who identified the sender to be Studios MG Limited.

The unsolicited emails included a link directing to a website named ‘’, with the aim of selling and advertising surgical masks. The investigation into these emails found that during the initial outbreak of the COVID-19 pandemic, the sole director of Studios MG Limited purchased a stockpile of face masks to sell at a profit.

These emails were being sent with the aim of reselling the purchased face masks and had been received by multiple recipients who hadn’t opted-in or had a legitimate interest in the emails. When the ICO got in contact with Studios MG Limited they requested more information on how they obtained the recipient's data. The organisation responded stating the data was obtained from ‘several sources’, and couldn’t provide the exact number of emails that they had sent as the account used to send the email had been deleted. It was estimated that around 8,000 - 9,000 people had been sent the email in total.

Studios MG Limited stated that it does not hold any evidence of consent for the recipients who received the marketing email promoting the face masks, with the contact information mostly gathered from a variety of unrelated sources. This meant it did not fall under the ‘soft opt-in’ exemption as the recipient had no interest in the sale of face masks.

This was considered a serious matter, with zero evidence to prove Studios MG Limited had valid consent to send these emails. The ICO decided that the organisation had deliberately breached the email regulations in order to sell face masks at a premium during the national health crisis.

The ICO believed the emails were being used to exploit the current pandemic, intentionally breaching guidelines in order to make a quick profit. Due to the severity of this case, the ICO issued Studios MG limited with a substantial monetary penalty of £40,000.

If you would like to learn more about this case, more details can be found on the ICO website.

In Conclusion

These are just two instances of when email marketing rules and regulations have been breached, and businesses have had to face the consequences. As you can see these consequences can change depending on the situation, with major cases of rule violations costing businesses thousands of pounds.

This is why it is so important for businesses to understand the guidelines surrounding email marketing and ensure they remain within the law. Without paying attention to these email marketing best practices, your business could be facing some substantial charges.

How We Can Help

In the world of email marketing, it can sometimes be complicated and confusing to understand all of the rules and regulations surrounding the marketing strategy. If you are still uncertain about some of the guidelines and practices that should be followed when using email marketing, it might be time to consider outsourcing to take the stress out of managing and understanding all the email marketing rules, and take it out of your hands!

At Inspired Digital, we provide email marketing services to help you engage with your audience and improve your sales. Our team has the experience and knowledge to accurately create an email marketing campaign with systems in place to ensure the correct email marketing standards are met.

If you are interested in learning more about how we can help with your email marketing activities and a variety of other digital marketing services, feel free to check out our digital marketing services page or get in touch to find out more!

Welcome to our blog!

Here you'll find Digital Marketing & Website Development tips, insights, statistics and more!