CASL Compliance in AcelleMail: What Canadian Senders Need

What this is for#

Canada's Anti-Spam Legislation (CASL, in force since 2014) is the strictest commercial-email law in the world. It covers any "commercial electronic message" (CEM) sent to or from a Canadian recipient — so even non-Canadian businesses owe compliance the moment they email someone in Canada. Penalties go to CAD $10 million per violation for businesses and CAD $1 million for individuals.

CASL differs from CAN-SPAM in one big way: CASL is opt-in by default. You need consent before you send. CAN-SPAM is opt-out — you can send first, must allow unsubscribe. If you're emailing both audiences, CASL is the higher bar — meet it and you've automatically met CAN-SPAM.

Express vs implied consent#

Every Canadian subscriber on your list needs either express consent or a valid implied-consent category.

Key practical rule: the burden of proof is on you, not the regulator. If a Canadian subscriber files a complaint, you must produce when, where, and how their consent was obtained. If you can't, the consent is treated as never having existed.

What every CEM must contain#

CASL §6 requires four things in the body of every commercial email:

1. Your full legal name (or operating name, if different and registered)
2. A mailing address plus one of: telephone, email, or website URL
3. A clear, functioning unsubscribe mechanism — link or reply-to instruction
4. Unsubscribe must be honoured within 10 business days

AcelleMail handles #3 (unsubscribe link is automatic) and #4 (suppression is instant — well under the 10-day ceiling). #1 and #2 you fill in once at Account → Contact — Company info (legal name) + Address card — and AcelleMail injects both into every campaign footer.

Recording consent inside AcelleMail#

CASL audits are paperwork-heavy. The fastest way to stay defensible is to record consent origin at signup as a list custom field.

1. Open Lists → [your list] → Manage list fields
2. Click Create field and add a text field called consent_source
3. (Optional) Add a second text field consent_date — type date
4. In your signup form (built in Forms → [your form] → Edit), include both fields as hidden inputs pre-populated with the source (e.g. homepage-hero-2026-05) and current date
5. Confirm by opening one new subscriber after signup — both fields should be populated under the subscriber's profile

That gives you a per-subscriber record of where and when consent was obtained, queryable from the subscribers table.

For higher-stakes audits — large lists, regulated industries — turn on double opt-in under Lists → [your list] → Edit → Subscription settings. Double opt-in produces a server-side log entry every time someone confirms, which is admissible as a record of express consent. See Double Opt-In vs Single Opt-In.

The transition period is over#

CASL gave a three-year window for "implied consent from before July 2014" to ride out without action — that window closed July 1, 2017. Any consent that was implied-only on July 1, 2014, has long since expired. If you haven't audited your Canadian segment since then, do it now: anyone with neither express consent nor an active implied-consent category must be removed.

The fastest way to surface this in AcelleMail: build a segment filtered by country = Canada AND consent_source IS NULL, export to CSV, and decide row-by-row. See Advanced Segmentation Strategies for the segment builder.

Common issues#

What to do after#

1. Verify Account → Contact has your legal name + mailing address filled in.
2. If you collect Canadian subscribers, turn on double opt-in on those lists.
3. Add consent_source + consent_date custom fields to every list that collects email.

Related articles#

• CAN-SPAM Compliance in AcelleMail
• GDPR Compliance for Email Marketing
• Double Opt-In vs Single Opt-In: Which to Choose
• Creating Effective Signup Forms and Landing Pages