
Newsletter & Email Marketing

Collecting email addresses? Welcome to double opt-in territory.

Every newsletter signup form, lead magnet, or email list triggers consent, documentation, and data retention obligations under multiple EU regulations.

Reality check

Can you prove that every subscriber on your list gave explicit, documented consent?

GDPR (General Data Protection Regulation)

Mandatory: Art. 6(1)(a), Art. 7, Art. 17, Art. 21

Your obligations

  • Double opt-in for every subscription
  • Documented proof of consent (timestamp, IP, context)
  • Easy unsubscribe mechanism in every email
  • Data Processing Agreement with email service provider
  • Consent records retained for the duration of processing

SiteGuardian monitors this

  • TLS/HTTPS encryption monitoring
  • Automated cookie consent detection
  • Security headers analysis
  • Email transport encryption checks
  • Breach notification SLA tracking (72h)
  • Digital DPA/AVV signing

Risk if ignored

Fines per violation — each email without consent is a separate infringement. Class action risk from consumer protection associations.

ePrivacy Directive (Cookie Consent)

Mandatory: Art. 5(3)

Your obligations

  • Prior consent for marketing communications
  • Sender identity disclosure in every message
  • Opt-out honoured within 48 hours

SiteGuardian monitors this

  • Pre-consent cookie and tracker detection
  • Cookie banner presence and configuration analysis
  • Reject option validation
  • Consent mode compatibility check

Risk if ignored

National telecom regulators can impose fines independently of GDPR. In Germany: UWG violations add competition law risk.

Does this apply to you?

If you answer yes to 2 or more, these regulations very likely apply to your business.

See where you stand

Our free scanner checks your website's security posture, SSL, headers, email authentication, and more. No account needed.


This page provides general information about EU regulatory frameworks. It does not constitute legal advice. Consult a qualified legal professional for advice specific to your situation. SiteGuardian documents your monitoring continuously — compliance is your organisation's responsibility.