How can I send cold emails compliantly?

Compliance requirements vary by jurisdiction. A framework for approaching compliance:

Know your legal environment: Identify which laws apply based on your location, recipients' locations, and recipient types (business vs consumer). When in doubt, apply the strictest standard.

Legal basis for data: Under GDPR, you need lawful grounds to process personal data. Document your legitimate interest assessment or other basis.

Identification: Messages must clearly identify the sender, with your name or company name, physical address, and how to contact you.

Honest content: No deceptive subject lines, false urgency, or misleading sender names. Messages should be identifiable as commercial if they are.

Opt-out mechanism: Provide a clear, working unsubscribe option in every message. Process requests promptly (within 10 days under most regulations).

Suppression list: Maintain and honor an internal list of people who have opted out. This list should persist across campaigns and data sources.

Records: Document consent where applicable, data sources, and compliance decisions. If challenged, you need evidence of your compliance efforts.