The POPI Act & Email Marketing

The protection of personal information act (The POPI Act)has come into effect and all businesses have until 1 July 2021 to comply. So what does this mean for your business and your email marketing? Firstly, let’s start off with what the POPI Act is; POPI refers to South Africa’s Protection of Personal Information Act which seeks to regulate the Processing of Personal Information. You can read more about POPI here. 

How does POPI affect email marketing?

We at TouchBasePro firmly believed and implemented the rules of POPI and GDPR before they had come into effect. The main reason for this is deliverability; we need to protect the reputation of our IP addresses in order to ensure good deliverability. Bulk unsolicited emails result in spam complaints from recipients. To oversimplify a super technical issue for the sake of clarity, spam complaints tend to hang around and contribute to our server’s ranking on various spam filters and mail server rules all over the world. We need those mail servers and spam filters to accept the mass emails that we send on behalf of our clients. So we have to follow the rules and not send junk mail. In the long run, this is good for you (if you are our client) as you can be sure of maximum deliverability of your email messages.

In simple terms, the POPI Act requires you to get permission from someone before you can add them to your database and send them an email. 

Here is how you can be POPI compliant: 

  • Collect personal information from the subscriber directly
  • Collect personal information for specific, explicit and lawful purposes only
  • Only process personal information if the subscriber consents
  • Do not retain personal information for longer than necessary
  • Facilitate that personal information remains accurate and updated
  • Ensure all personal information is protected
  • Ensure all  3rd parties/operators, contractually comply
  • Must be able to report on the data upon request
  • For direct marketing, you must obtain the consent of the subscriber
  • The data subject must opt-in to every particular channel
  • Where the subscriber has requested a change or opts out of a particular channel, this request must be honoured immediately

What happens to customers that are already on my database?

If you don’t have proof that these customers requested to receive information from you, then you will need to request permission from these customers in order to continue marketing to them. If permission is not obtained it is suggested that you remove these individuals from your database. 

When communicating with your current customers it is important that you take note of the following:

  • Ensure you got their details in the process of selling a product or service.
  • Always identify yourself: display your logo or company name in the body of the email.  Your sender name is also important to identify yourself.
  • Content sent to your customers must be related to your product or service that they requested to receive information about. 
  • Your customer can easily opt-out of receiving communications from you. Having an unsubscribe link makes it easy for customers to do this. 
  • Provide an address to which the customer can send a request to opt-out.

TouchBasePro Email Footer Example

In conclusion, the most important thing to make note of is permission. Always ensure you’ve got permission to contact someone, a subscriber should never be surprised to hear from you. If you’d like more information on how you can be POPI compliant, book your free POPI guidance session here