What should be included in a business email?

A commercially sent email requires a legal notice, which includes information about the company, such as the full company name, an email address, and optionally the VAT identification number.

How to ensure compliance with the imprint obligation for newsletters?

For newsletters, it is recommended to include an imprint with the term ‘Impressum’. Furthermore, the recipient must be asked for permission and given the option to unsubscribe via a link to comply with the double opt-in rule.

What legal information is included in an email's imprint?

A legal notice for emails must include the full company details, an email address, the VAT identification number (if applicable), and optionally the telephone number. The information must comply with the formal requirements of the TMG/DDG.

What is a legal notice requirement?

A legal notice must be provided regardless of whether one is a company or not, if newsletters or emails have a profit motive.

Why is a privacy policy necessary?

Each website visit generates personal data, therefore a privacy policy is required to protect this data and ensure transparency.

What information must a legal notice contain?

A legal notice must include the company name and address, but it is also a requirement for private individuals sending newsletters.

Imprint obligation in Emails and Newsletters

The legal notice obligation applies not only to websites but also to emails and newsletters. The Telemedia Act (TMG) regulates which information companies must provide when they appear externally in business dealings. A legal notice with company details is required not only on web presences, but also in emails.

Imprint obligation according to TMG / DDG

Update May 2024: The TMG what directly incorporated into the DDG (Digital Services Act). Instead of “TMG,” “DDG” should be used. Since many readers only know the TMG and search for it, the old designation is sometimes still used.

In §5 of [TMG] it is regulated that service providers appearing commercially in telemedia must maintain a notice of information. By the way, even indirect advertising of a product or service or the existence of an affiliate link is likely to be a commercial activity. Telemedia are electronic information and communication services. This includes, of course, websites as well as emails. Email means “electronic post”, which sounds quite clearly like an electronic communication service. ([1])

The general mandatory disclosures contain:

Full company name including a legally valid postal address
EMail (§5 TMG + § 5 DDG).
VAT ID, if available. Do not provide the tax identification number as it could be misused
Optionally include the phone number (recommended for example for online shops)

The additional mandatory information for the imprint varies depending on the corporate form (Ltd., GbR, AG, sole proprietor etc.). In a Ltd., for example, in addition to the general information, the following specific legal requirements must be present: Name and address of the managing director Registration number of the commercial register Place of registration:

Name of the Limited Liability Company
Address: Street, Postal Code, City, optionally Country
Managing Director
Court registry information

Emails

A business-related email must include an imprint. The imprint consists of the mandatory information, which depends on the form of the business. The term “Imprint” does not necessarily have to be explicitly stated in an email. In my opinion, it is sufficient to provide all mandatory information after stating one's own name, which appears at the end of the email below the closing salutation.

Newsletters as a special case

The obligation to provide an imprint applies equally to newsletters as it does to all other business emails sent outwards. For newsletters, it is recommended to include the imprint with the preceding term “imprint”, since the content of a newsletter can come from different authors or be automatically sent by corresponding services. In addition, the recipient of the newsletter must have been asked for permission beforehand (Double Confirmation). Furthermore, the recipient must be given the opportunity to unsubscribe from the newsletter via a link. Unsolicited advertising emails can lead to reprimands. If someone receives an unwanted advertising email, they can reprimand the sender if they did not comply with the rules. Even consumers can file complaints here and not just companies or competitors, as is the case with competitive complaints.

In my opinion, there's a special case with double opt-in: the confirmation email should ideally not be designed in a promotional way. I think there's room for debate about whether a link to the imprint and thus to the website is appropriate here. It's probably better to include the imprint textually in the email.

If you want to link to a privacy policy, it can only be done poorly through a lengthy email text, which would also require waiting for the privacy policy on the website. Since the potential newsletter subscriber could already see the privacy policy during registration (for which a link should be present in the registration form), it appears justifiable to provide this link, as it normally does not need to be clicked.

Editorial Content

Also for non-commercial communication, an operator identification must be kept on hand if editorial content is present. This includes, in particular, publicly perceivable opinions. In practice, this means that any opinion disseminated via the internet is subject to the obligation of disclosure. Exceptions could be contents that are protected by a password and accessible only to a few, such as family members.

Online Shops

For online shops, the following type of notice should be provided:

Alternative dispute resolution pursuant to Art. 14(1) ODR Regulation and § 36 German Act on Consumer Dispute Settlement:
The European Commission provides a platform for online dispute resolution (OS) which can be found at link removed. We are not obligated to participate in a dispute resolution procedure before a consumer arbitration body, nor are we willing to do so.

Additional regulations for online shops are possible and can be found in articles on Dr. GDPR. Especially, a Webseite-Check is recommended.

Conclusion

Every email sent by a company should absolutely include an imprint notice. This applies even more so to newsletters. The privacy policy of a website from which users can subscribe to a newsletter should also include information on how user data is handled. There should also be a notice stating that users can unsubscribe at any time via a link in the newsletter. For safety's sake, it's also advisable to provide an additional email address that can be used for unsubscription requests. This is because the link in the email might not work, or the user might want to unsubscribe without having a current newsletter email on hand.

Even those who think they are not a “company” must comply with the regulations if the newsletter shows a profit-making intention directly or indirectly (e.g. through linking).

By the way, a data protection statement must be available for every website. This alone is due to the fact that person-related data are exchanged with each visit to a website. Since network addresses (IP addresses) are person-related data, I recommend also inserting a link to the data protection statement in any commercial email (at least on first contact).

How comfortable it is to create and send newsletters in a data protection compliant way using WordPress, will be found in my contribution to Newsletters for WordPress.