A Guide To Implementing CASL In Your CRM
With the economy cooling and people looking for new ways to generate business, I’m getting a lot of inquiries from clients wanting to send out emails to a list of people they either got from a directory or some other source. Sending business emails out to people you don’t know or haven’t consented is the very definition of spam. Not only can this affect your domain name by getting black listed on various spam directories, but in Canada, it can also be illegal with huge fines (millions $$$) for non compliance.
If you’re unfamiliar with CASL here is a CASL Legislation Summary. I wrote when the CASL legislation came out.
I personally use SuiteCRM and it already has some built in fields to manage compliance with spam regulations.
Lawful Basis For Email Compliance
Lawful basis is used for GDPR compliance and can also be useful here in Canada to make sure you can prove opt in for CASL, Canadian anti spam Legislation.
Basically, you can add these fields to your lead and contact layouts:
Lawful Basis: ie: subscribed opted in (Consented), via contract, legal obligation, previous relationship or any other way you want to track that you are lawfully allowed to send commercial emails to a contact. Lawful Basis reasons that are pertinent to your country can be added in the Dropdown list editor. So in Canada your options are “Consent” for which you have recorded the clients verbal or written consent to receive emails. “Implied Consent” is another option in Canada. You have the options of: Previous Business Relationship, Personal Relationship, Grandfathered, Publicly Published Email, Family.
Date Reviewed: some countries have legislation about how long an opt-in is allowed to be used for vs. a verbal opt-in. You can track the last date this was reviewed by this field. In Canada you are required to keep records for up to 3 years.
Lawful Basis Source: This will track where the lawful basis was given. For example: verbal, via website, from a third part list provider, etc.
Lawful basis can be updated manually in a specific record or mass updated from list view by selecting Bulk Actions with many contacts selected.
Lawful basis can also automatically be updated if “Confirmed Opt In” is selected in email settings as noted above and the confirmed opt-in email has been responded to. This will make the Lawful Basis as “Consented” and the Source to “Email”, it will also update the date reviewed.
You can also send Confirmed Opt In Emails manually by selecting contacts (or leads) from list view, then Bulk Action and selecting “Send Confirmed Opt In Email”. This only works if you have Confirmed Opt In enabled. You may also do this from a contact record.
I have another great article about SuiteCRM Email Marketing that covers this and all the other opt-in/opt out settings.
If you’re doing all this stuff correctly and diligently you’ll end up with a detailed record of each contact and be able to show due diligence around collecting consent for emails being sent out.
I am not a solicitor, nor am I offering legal advice. Please consult a solicitor and/or do your own research on the application of CANSPAM and CASL regulations and how they might apply to your business and/or unique situation.