The CSA T&C are imposed by ECO – Verband der deutschen Internetwirtschaft e.V. (hereinafter “ECO”) within the framework of a Certified Senders Alliance (CSA). ECO is entitled to amend the CSA T&C unilaterally subject to six (6) weeks’ notice.
Selligent, as a member of this Certified Senders Alliance, is bound by these terms and conditions and – in accordance with these terms and conditions – has undertaken to impose them on its Clients, including the possibility of unilateral amendments.
Selligent and ECO are entitled to terminate Selligent’s participation in the CSA, in which case the Client will no longer have to comply with the CSA T&C (unless these terms and conditions correspond to best practices and/or a legal obligation) and there will be no other changes to this Agreement between the Client and Selligent.
The Client is also aware that Selligent is entitled to monitor and check the Client’s compliance with the CSA T&C and, in the event of a violation, to prevent access to the Services in accordance with Article 8 of the Subscription and Services Agreement.
The Client undertakes to comply immediately with any request from Selligent or ECO regarding the CSA T&C and to observe the CSA T&C as well as any amendment unconditionally (in this regard the Client agrees, in accordance with Article 15.9 of the Subscription and Services Agreement that is part of this Agreement, that any amendment to the CSA T&C is in the interest of the Parties and therefore reasonable).
(Note: any reference to “Sender” and “Client” in the CSA T&C is to be understood as a reference to the Client within the meaning of this Agreement)
- The Sender must be clearly identifiable when sending an advertisement through email. Every email sent must contain an easily noticeable ‘about us’ section, either in the text or accessible via a direct link. The ‘about us’ section must contain the following information:
- the name and the address at which the Sender is established, as well as, in the case of legal entities, the legal form of the entity, the authorized representative, the Commercial Registry, Association Registry, Partnership Registry, or Cooperative Society Registry that it is registered with, and the corresponding registration number;
- contact information, at least a valid telephone number or an electronic contact form, as well as
- an email address, and
- a value-added tax identification number, if one has been assigned according to Section 27a of the German Value-Added Tax Act [Umsatzsteuergesetz], or a business identification number according to Section 139c of the German Tax Code [Abgabenordnung].
Additional information obligations according to Section 5, Paragraph 1 of the German Telemedia Act [Telemediengesetz – TMG] remain unaffected.
- Emails may be sent only to recipients who have consented to receiving them according to Section 7, Paragraph 2, Number 3 of the Act Against Unfair Competition [Gesetz gegen den unlauteren Wettbewerb – UWG] (opt-in) or who have an existing business relationship with the advertiser, and only if the conditions of Article 13(2) of Directive 2002/58/EC of the European Parliament and Council of July 12, 2002 on Privacy and Electronic Communications (Direct advertising of the sender’s own products or services of a similar nature; indication of the free-of charge possibility to disallow use of the email address, both at the time of request of permission and in every usage of said email address) have been met.
- Consent to receiving advertisements through email must be given separately. The recipient must either click/check a box or otherwise give a comparably clear declaration of consent to advertising through email. This declaration must not be part of other declarations (such as agreeing to General Terms and Conditions).
- Recipients must give their consent actively through a conscious act. Pre-clicked/pre-checked boxes must not be used. In the case that permission has not been clarified either in writing or electronically, a written confirmation is required from the address owner. The possibility to disallow the permission at any time must be clearly indicated at the time of requesting permission. The indication must also include information on how to disallow permission, and who to contact in order to do this.
- Each email must contain an option to withdraw permission to send any further emails. A reference to this option must be included in every message sent. It must be possible in principle for the recipient to cancel emails without having to know access data (such as login and password). Exceptions to this may be approved on an individual basis if a different approach is required because of special circumstances relating to the service offered. Cancellations must be processed promptly.
- The Client must remove email addresses of participating Internet Service Providers from the mailing list if three hard bounces occur after mailings have been sent to these addresses.
- The Client must designate a contact person with telephone number and email address for complaints. The response time must not exceed 24 hours on business days.
- Neither the Sender nor the commercial nature of the message may be obscured or concealed in the header or subject line of the email. Obscurement or concealment exists if the header and subject line are deliberately composed in such a way that the recipient receives no information or misleading information about the actual identity of the Sender or the commercial nature of the message before viewing the content of the communication.
- When using email addresses that the Sender or the Sender’s clients have acquired from third parties, the Sender or the Sender’s Client is obligated to make sure, before sending the advertisements, that only recipients who have given their consent according to these acceptance criteria are actually emailed; this consent must refer not only to mailings sent by a third party but also to mailings sent by the Sender or the Sender’s clients.
- The retrieval of address data for third parties (such as through co-sponsoring) must be transparent to the user. In particular, address data retrieved in such a way should only be used for a mailing if at the time of collection
- the companies for which the address data were generated, were named transparently, individually, and categorized by industry,
- access to the list of companies was clearly possible and easy for the user, and
- the number of companies or persons for whom the address data were collected was reduced to a level that excludes the forwarding of user data to an unreasonably large circle of third parties and that allows the user to easily comprehend the consequences and scope of his consent as well as to easily control the lawful use of his data.
For clarification purposes, it is noted that the companies for which the address data are generated may not forward this address data to third parties without separately obtaining special consent from the user for them to do so.
- The collection of address data for third parties (through co-sponsoring for example) should be transparent to the user. Especially address data collected in this manner should only be used for a mailing if the number of companies or person for whom address data was collected does not exceed 10.
- It is recommended to evaluate the DMARC procedure and to implement the corresponding DNS records on the sender-side so that ISPs as recipients can check the received emails according to the predetermined parameters. When the procedure is implemented, the reporting email addresses must be specified in such a way that reports send by ISPs are processed by the certified sender or the Client thereof.
- The DKIM procedure (DomainKeys Identified Mail) is to be implemented for all servers/IP addresses to be certified at the latest by the time of successful certification through the CSA. The domain used in the DKIM “d=” tag must be shown in a Whois entry either as the certified sender or as a relevant Client thereof.
- The email header must contain an “List-Unsubscribe-Link” (see RFC2369). The named links must enable an easy unsubscribe at least at the list level. The unsubscribe from list header contains at least one HTTP-link. The sender can send the user a confirmation email informing of the successful unsubscribe. Exceptions to this obligation can be claimed when it is not possible to unsubscribe in the above mentioned way and sending an automated email is not necessary or possible due to the type of service. The complaint hotline shall decide in these exceptional cases. In the case of an exception, a “List-Help link” (see RFC 2369) must be added to the header. The link must lead to a help or login site which explains to the recipient how to un-subscribe from further mailings, or why this is not possible on legally binding grounds, and these grounds are to be named.
- DKIM Failure Reporting by the recipient must be enabled through entries or extensions in the relevant DNS records. DKIM Failure Reports must be received by the certified sender or the Client thereof (see RFC 6651).
Archived Selligent CSA T&C
Not applicable yet