How to Use Consumer Data Safely in Marketing

As the leading direct mail automation platform in the US and Canada, we spend a lot of time exploring how to use consumer data safely.

Regulations like the European Union’s General Data Protection Regulation (GDPR), the California Consumer Privacy Act (CCPA), Canada’s Anti-Spam Legislation (CASL), and other emerging rules make it difficult to gather and use consumer data via electronic media. Agencies tasked with producing results for their clients with electronic messaging are hampered by eliminating third-party cookies or other privacy-related measures. They are looking for alternatives.

Direct mail is unaffected by these regulations, allowing marketers to target their offers according to readily available household demographic data – data that is surrounded by less law than electronic messaging. Rules about collecting and using consumer data still apply to direct mailers. However, marketers have access to demographic information that can be used to target potential buyers effectively. Marketers use this information to segment their lists or drive variables included on the printed materials, affecting the graphics or offers.

Spam laws make it virtually impossible from a legal standpoint to send unsolicited email messages to prospects. No such regulations stop marketers from contacting consumers via postal mail. Several states are considering legislation that will similarly affect direct mail marketing, so stay in touch with your Postal Representative or industry mail professional for any developments. For now, no severe “do not mail” legislation exists.

What Are Data Privacy Laws?

Data privacy laws are legislation designed to protect individual users’ rights to data privacy and security. They typically include rules about how companies can collect and use data and how users are informed. Data privacy laws govern nearly every aspect of how a business engages with consumers digitally, including email marketing. The most expansive law is the GDPR, which governs the European Union. Canada and California have their own rules. Other individual states and countries have or are considering similar consumer data use specifications.


The privacy rules are complex and bear harsh penalties if not followed. This is an immediate concern for a marketing manager or agency. For example, the GDPR requires that businesses obtain the consent of anyone before contacting them via email. Additionally, the GDPR requires that companies demonstrate how they obtained permission and whether any consenting users have since unsubscribed from email marketing communications. Marketers must also delete a user’s data upon request. California’s CCPA is similar but has additional requirements.


GDPR violations carry steep penalties. A company that violates the data privacy requirements is subject to fines of up to 20 million euros, or 4% of the company’s annual revenue, whichever is greater. If you have a handful of European email addresses on your marketing email list and are unsure how they got there, delete them, at least for the moment. You are still liable even if the email originated in the United States. Fines for California’s CCPA regulation range from $2,500 per unintentional violation to $7,500 per intentional violation. Businesses generally have 30 days to reverse any violations and solve the problem to avoid liability.

Direct Mail is Safe and Effective

As a manager, corporate marketing department, or agency, you produce results from the marketing campaigns you launch. As governments enact rules for electronic communication, the importance of direct mail becomes clear. Marketers enjoy more freedom to use intelligence to reach an audience. Moreover, customers physically touch your messaging. They interact with the mail piece. The jumbo postcard stays behind the banana magnet on the refrigerator for days. Direct mail drives physical visits to your business or virtual visits to your website.

Direct Mail’s Common-Sense Regulations

No federal mail laws prohibit direct mail advertising on the national level. Still, Postalytics recommends marketers avoid any issues by following the existing regulations for direct mail marketing. Adherence is straightforward. Below is a quick summary of postal mail laws in the United States and what they regulate:

The Deceptive Mail Prevention and Enforcement Act (DMPEA) (39 U.S.C., Section 3001)

Non-governmental entities cannot send solicitations that imply a connection with the federal government for the purchase of products or services. It also prohibits mailing sexually oriented materials to those who refuse such mail with prior notification to the postal service.

Theft or Receipt of Stolen Mail Matter Generally (Title 18 U.S. C., Section 1708)

This federal law punishes citizens that steal, abstract, take, or obtain by deception/fraud any postal mail.

Health Insurance Portability and Accountability Act (HIPAA)

This act protects the medical information of US citizens and modernizes the processing of patient records. It prohibits sharing mailing lists used by medical facilities.

Take Advantage of Direct Mail

Digital marketing channels are saturated, and the response rate is lower than ever. Direct mail offers tangibility, permanence, and a visual experience. It cuts through the digital chatter. The challenge is connecting digital to direct mail for leveraging data gathered from web pages, email, and social media (within the confines of the applicable law). This connection is generally accomplished via Personal URLs (pURLs). pURLs are included in the Postalytics platform at no extra cost. Here’s a helpful article that describes how to use pURLs in a Postalytics campaign: 5 Easy Steps to Create pURLs in Postalytics.

For a comparison of email and direct mail effectiveness, see “Direct Mail vs. Email – Who’s the ROI Winner?
Postalytics provides enterprise-grade direct mail automation with workflow, integration, and analytics. Integrate Postalytics with your existing CRM, marketing automation, or eCommerce software and harness the power of automated direct mail marketing. From one to 100,000 mail pieces, the Postalytics direct mail platform makes your current digital channels more responsive.