All Collections
How to build a legitimate newsletter subscriber base?
How to build a legitimate newsletter subscriber base?
Ilona Srebnicka avatar
Written by Ilona Srebnicka
Updated over a week ago

Since you have visited edrone's website you surely already know how important a role

in carrying out effective marketing of an online store, which realistically translates into increased profits, is played by sending an effective newsletter. Unfortunately, even the best-prepared newsletter won't achieve its goals if it doesn't reach a large enough group of store users, which is why it's so important to build a base of users who are newsletter subscribers from the very beginning of the store's existence.

It would seem that in building a subscriber base the only thing that matters is the number of subscribed store users, according to the principle: "The more the better". - unfortunately, this is not quite true.

When building a newsletter audience, we must remember that the subscriber base we have collected must be legitimate.

In this article, we will tell you how to build a legitimate database of your store's newsletter subscribers.

First - consent

When sending a newsletter, we will be processing the personal data of store users and sending them marketing content. This involves the obligation to comply with the RODO regulation, but also with other legal acts such as the Telecommunications Law and the Law on Providing Electronic Services. As we pointed out, in the article: "Be lawful by implementing edrone" sending a newsletter, we will not need consent under RODO, because the premise legitimizing our processing of users' personal data will be - your legitimate interest to conduct marketing activities in sending a newsletter. However, you must remember that sending commercial content in the newsletter may require consent under other laws.

Just because you may find that your newsletter requires consent under 3 different pieces of legislation doesn't mean that you have to include 3 different consent formulas in the newsletter subscription checkbox - one well-formed consent and the use of the "Double OPT-IN" model for consent collection is enough.

You can find more information about the conditions of legal consent, the "double opt-in" model, along sample checkbox formulas in our article, we will just remind you that in order for the newsletter subscription consent to be correct:

  • The user must not feel forced to sign up for the newsletter - you can't indicate that signing up for the newsletter is mandatory, use pre-filled checkboxes in the consent form in any way, or in any way "hide consent" in the store's terms and conditions;

  • the user must know what the newsletter is for what purpose their data will be processed, by whom, for how long, etc. Of course, don't write this in the checkbox formula, but make sure to include appropriate provisions in the privacy policy or newsletter terms and conditions;

  • the user must be able to unsubscribe from the newsletter as easily as he/she signed up - don't use any complicated unsubscribe procedures.

Very importantly, the RODO imposes a so-called "accountability obligation" on data controllers - in the event of an audit by the DPA, of any claims coming from subscribers, you will have to prove that the store user in question really gave valid consent to receive the newsletter. You will be able to prove this more easily by using double confirmation resulting from the

from the adoption of the double opt-in model, in which the fact of subscribing and opting out of the newsletter is accurately recorded.

Second - information

As the controller of the user's personal data, you have an information obligation to the user related to the fact that you will process their data for the newsletter. The scope of information that a newsletter user must receive is specified in Article 13 of the RODO (e.g. your contact details as data controller, for what purpose the data will be processed - for marketing purposes consisting of sending a newsletter, to whom the data will be transferred - e.g. edrone for the purpose of completing the newsletter mailing, how long the data will be processed, whether it is sent to third countries, what rights newsletter subscribers have - e.g. the right to unsubscribe from the newsletter at any time).

Indicate all this information in your privacy policy or a separate newsletter document.

Only collect the data you need - minimalism

One of the main principles arising from the RODO is the principle of minimalism of the data processed - we should only process as much data as we really need according to the "the less the better" principle. For the purposes of sending newsletters, an email address is sufficient in most cases.

Do not use data for other purposes

By signing up, users agree to receive a specific newsletter from you as the administrator - remember! You cannot use user data from the database collected for a specific newsletter in any other way, e.g. to send a newsletter from another of your online shops.

Important! We also discourage the introduction of provisions in the shop's regulations concerning the shop's reserving the possibility to send a newsletter of another shop of the same owner. In order to properly send the newsletter of another shop, we will need a separate consent.

Lead Magnet

In January 2023, Poland adopted legislation implementing the European Omnibus Directive. One of the changes was the adoption that newsletters can be a type of digital content contract, in which the user pays for specific content not with money, but with their data. This entails certain obligations to the user, such as informing them of the content of such a contract and how to opt-out. We wrote more about Lead Magnet - HERE

Remember to hygienise your base

A regular audit of your subscriber bases not only allows you to increase the effectiveness of your marketing activities but also to avoid possible claims from subscribers.


  • regularly remove unsubscribers from your subscriber base. Remember, this does not mean that you are obliged to delete the customer's data - you are to refrain from sending them marketing content.

  • check the accuracy of the data provided (the problem of possible errors in subscribing is excellently eliminated by adopting a double opt-in model)

  • if you have doubts that your database has been collected correctly (e.g. if you have moved from the single opt-in model to the double opt-in model) use messages "encouraging to subscribe to the newsletter".

Don't buy ready-made databases

Buying a ready-made database is the most serious of all possible mistakes.

You do not know where the data comes from, whether any consent has been given, or how the data was obtained. Such an action is illegal and can be penalized not only under RODO, but also under database protection legislation.

Need additional help?

If you still have any questions about legal stuff, please contact us by writing to

Did this answer your question?