• Deutsch

GDPR: Email marketing after the new reform

The GDPR - the European Union's General Data Protection Regulation - has been in force since May 25, 2018. Even though the regulation is now almost two years old, there is still a lot of uncertainty when it comes to dealing with the complex set of rules.

GDPR email marketing
Do you still have questions? Do you need legal support with the implementation of GDPR in your email marketing? Call (040) 3501 6360 or send an email to info@kanzlei-bennek.de.

This applies in particular to the online sector - and especially to modern online marketing. This article provides you with an important link to the topic of GDPR and email marketing.

If you have any questions, you are particularly well advised to consult a specialist lawyer.


  1. What does the GDPR regulate?
  2. Email marketing and spam
  3. GDPR and email marketing - observe sanctions
  4. Use a non-binding initial consultation

1. What does the GDPR regulate?

To fully understand the link between GDPR and email marketing, it is a good starting point to explain the purpose of the GDPR.
The regulations have been developed to protect the data of individuals who are in contact with a company or public body.

In this context, we are talking about so-called personal data. All data that can be used to determine a person's identity is integrated into the regulations.

On the one hand, this naturally applies to all personal data - such as name and address, telephone number and email address, date of birth and gender. But it also applies to bank details, religion - and even the IP address of your computer or smartphone that you use to surf the internet.

And that brings us to the topic of GDPR and email marketing.

2. Email marketing and spam

You have probably also been annoyed by emails in your virtual mailbox that you have not ordered and that are intended as spam for marketing purposes. Legally, this is not okay.

But before we deal with such trifles legally, we usually send the mails to spam.

However, it is of course a little different if you run a company and want to inform potential customers about your latest promotions. Are you allowed to send an email for advertising purposes or is this no longer compatible with the GDPR?

Permission is the be-all and end-all

Your data belongs to you and it is you who decides what is done with it and whether you make it available at all.

This is how you could describe the rules that apply to the handling of your customers' and prospects' data. For marketing with e-mails, this means that you are not allowed to do this without being asked.

Explicit permission from the respective recipient is the be-all and end-all - and the main thing that is regulated in the GDPR for the consumer.

The classic example: the newsletter

As a special form of email marketing, newsletters may not be sent without permission. Even if you are 100 percent sure that the recipient will appreciate your newsletter, you do not have the right to do so.

Only when you have the user's subscription to the newsletter on the Internet can it be sent. The subscription for which the user registers via your website is the legally relevant consent for the mailing.

Taking subtleties into account

However, when collecting data for a newsletter or similar forms of email marketing, it is important that you only collect the data that is important. Example: You do not need to have the potential customer's cell phone number in order to send an email. This can result in someone entering a person's email address in a subscription registration process without them being aware of it.

For data protection reasons, it is therefore important that you offer the subscription to your newsletter as part of a so-called double authentication process: First, the user registers in the traditional way. Then you send them a confirmation email. This contains a link which the user clicks on to confirm the subscription.

Consider the right to information

The interested party or customer has the right to receive information about which data you collect, store and process. They also have the right to have data deleted. This is known as the right to be forgotten. There are special deadlines for this, which are binding for you.

3. GDPR and email marketing - observe sanctions

Anyone who fails to comply with the GDPR regulations in email marketing can expect severe sanctions. Ignorance cannot protect you in this context.

There are even specialized warning lawyers who are unpleasantly active in this context. The penalties for actions that do not comply with data protection regulations can be high.

Two tips are particularly relevant when it comes to GDPR and email marketing:

  • Firstly, you should have a capable data protection officer who can advise you well.
  • Secondly, in the event of legally relevant disputes, you should consult an experienced lawyer who is highly specialized in e-law.

4. Use a non-binding initial consultation

Our law firm has a specialist lawyer for intellectual property law who can also offer you competent and specific advice on GDPR and email marketing.

In the era of digitalization, it is extremely important to act in a legally compliant manner on the Internet. We offer you valuable support for your online presence. So make an appointment, which we will arrange for you discreetly and without obligation.

Do you have any questions about the GDPR reform and its impact on email marketing?

Make an appointment now!

Picture credits: Melpomenen | Canva

Marco Bennek
I started working as a lawyer in 2006 and have been advising clients in competition and trademark law for more than 10 years. Since June 2015 I have been a specialist attorney for industrial property rights and since May 2013 a partner in the firm of HELMKE Attorneys at Law and Tax Advisors and Patent Attorneys. I studied law in Hamburg, Madrid, and Wellington (New Zealand) and hold a Master of Laws (LL.M.).
Rechtsanwalt Marco Bennek
Lawyer Marco Bennek – trademark law, copyright, competition law and IT law in Hamburg
c/o Elbkanzlei
Bleichenbrücke 11
20354 Hamburg
040 3501 6360
Opening hours
Monday to Thursday
09:00 - 18:00
09:00 - 16:00