Email Compliance Reference

CAN-SPAM Act — B2B & B2C Rules

What the law actually requires, how B2B and B2C differ, penalties for non-compliance, and how this applies to BOSSTORQUE client campaigns.

Last updated: April 30, 2026 · Source: FTC, TCIA, EmailOctopus

Key takeaway: CAN-SPAM does NOT require prior opt-in for either B2B or B2C email in the US. You can email existing commercial clients without their prior consent as long as you meet the 7 compliance requirements below. However, your ESP (Kit) may impose stricter rules — always check their Terms of Service before loading unenrolled lists.
The 7 CAN-SPAM Requirements Applies to ALL commercial email — B2B and B2C
  • 1
    Accurate header information. Your "From," "To," "Reply-To," and routing information must identify the person or business who sent the message and not be deceptive.
    For Sperry: From must be "Your Sperry Tree Care Experts" <michele@sperrytreecare.com>. Never spoof or alias in a misleading way.
  • 2
    Non-deceptive subject lines. The subject line must accurately reflect the content of the message. Clickbait that misrepresents the email's contents is a violation.
    Urgency and promotional framing are fine — outright deception (e.g., "Re: Your Account" when it's a promo) is not.
  • 3
    Identify the message as an advertisement. The email must disclose clearly and conspicuously that it's an ad — unless you have prior affirmative consent (opt-in) from the recipient, which removes this requirement.
    Existing customers who opted in are exempt from this disclosure. Unenrolled commercial clients who never opted in require it — a brief footer note ("This is a commercial email from Sperry Tree Care") is sufficient.
  • 4
    Physical postal address. Every email must include a valid physical mailing address — a street address, P.O. Box, or private mailbox registered with the USPS.
    Already in the Kit email footer. Verify it's present on every template before sending.
  • 5
    Clear opt-out mechanism. Every email must include a clear and conspicuous way for recipients to opt out of future messages. The mechanism must be easy to find and use — a link is standard.
    Kit's unsubscribe link satisfies this. Do not hide or bury the unsubscribe option.
  • 6
    Honor opt-outs promptly. You must process opt-out requests within 10 business days. You cannot require the recipient to pay a fee, provide information beyond their email address, or take more than one step to opt out.
    Kit handles this automatically for managed lists. For any manual list imports, set up suppression logic before sending.
  • 7
    Monitor what others do on your behalf. If you hire a third party to send email for you, both parties are legally responsible for compliance.
    Applies to BOSSTORQUE as the agency. Client's sender identity, our content — both parties on the hook.
B2B vs. B2C — How They Actually Differ

CAN-SPAM makes no distinction between B2B and B2C — both are subject to the same 7 rules above. The practical differences come from deliverability norms, ESP policies, and sender reputation, not the law itself.

B2B Email
  • No opt-in required by CAN-SPAM
  • Existing client relationship = strong footing
  • Lower risk of spam complaints (known sender)
  • Often filtered by corporate spam gateways, not Gmail
  • ESP may still require opt-in (check Kit ToS)
  • Low engagement on cold lists hurts sender score
  • Must still include ad disclosure if no prior consent
B2C Email
  • No opt-in required by CAN-SPAM
  • GDPR/CASL only apply to EU/Canadian recipients
  • Higher spam complaint rates from consumers
  • Gmail/Yahoo filtering is aggressive for cold sends
  • DMARC/SPF/DKIM alignment more critical
  • ESP opt-in requirements often stricter for B2C
Penalties
$53,088
Maximum fine per individual non-compliant email
Violations are assessed per email, not per campaign. A single non-compliant send to 1,000 recipients = potential $53M exposure. Criminal penalties apply for aggravated violations (harvested addresses, falsified headers, etc.).
Sperry Tree Care — Specific Use Cases
✓ Compliant
Club Members — Enrolled via opt-in campaign
All Tree Care Club members opted in during enrollment. This is the gold standard — prior affirmative consent removes the "identify as advertisement" requirement and satisfies ESP requirements. Continue as-is.
⚠ Proceed with care
300+ Commercial Clients — Not enrolled, but existing relationship
Legally permissible under CAN-SPAM — existing business relationship, no opt-in required. Must include: (1) ad disclosure in footer, (2) physical address, (3) clear unsubscribe link, (4) accurate sender identity. Critical check: verify Kit's Terms of Service allow sending to non-opted-in lists. If Kit requires opt-in, run a one-time re-permission campaign first, or segment into a separate sending account. Recommend a permission pass before any large send to protect sender reputation.
✕ Do not send
Purchased or harvested contact lists
No existing relationship, no consent, high spam complaint risk. CAN-SPAM still technically permits it if the 7 rules are met, but ESPs prohibit it and deliverability will be destroyed. Not recommended under any circumstances.
Pre-Send Checklist — Every Campaign
  • From name and email are accurate and recognizable to recipients
  • Subject line accurately reflects email content — no deceptive framing
  • Physical mailing address present in footer
  • Unsubscribe link present, functional, and easy to find
  • If list is unenrolled: ad disclosure added to footer
  • Suppression list applied — previous opt-outs excluded
  • Kit ToS confirmed for list type before sending
Sources:
CAN-SPAM Act: A Compliance Guide for Business — FTC
CAN-SPAM Act Compliance Guide for B2B Businesses — Revnew
B2B vs B2C email marketing regulations — EmailOctopus
CAN-SPAM Act of 2003: A 2024 Overview — OPTIZMO

This reference is for operational guidance only. Not legal advice. Consult an attorney for jurisdiction-specific compliance questions.