Banner campaigns in email signatures are one of the most attractive B2B marketing tools. Every outbound mail reliably reaches the recipient. But: between "attractive" and "legally sound" lies a thicket of tripwires.
1. Is a banner advertising?
Yes, almost always. With existing customers in an active relationship it's usually okay. For cold contacts or former customers you need explicit consent.
2. Do I need recipient consent?
If the mail itself is legitimate (reply, invoice, service mail), no separate consent for the embedded banner. If the mail itself is advertising (newsletter), you need consent for the main mail.
3. What about click tracking?
In Germany TTDSG § 25 requires consent for cookies. From recipients you don't have that. Three options: no tracking, cookieless (with IP truncation, GDPR-compliant), tracking with cookies (not legal without consent).
4. Privacy notice paragraph
When you click banners in our email signatures we collect aggregated, non-personal click statistics (anonymised IP, click time, banner ID). Used exclusively to improve our marketing campaigns. No correlation with other data.
5. Competitive advertising
Allowed under tight conditions: objective, verifiable, tied to material features. "The GDPR-compliant alternative to XYZ" is generally okay; "Better than XYZ" is risky. Be careful with competitor logos.
Quick checklist
- Banner text reviewed through a competition-law lens?
- Recipient category checked?
- Click tracking configured without cookies?
- Privacy notice updated?
- Banner content legally cleared?
- Validity period set?
Bottom line
At SignatureHub we ship the data-protection-relevant features (cookieless tracking, IP truncation, anonymised aggregates) as defaults. You only need to take care of the banner content.