Internet Performance Delivered right to your inbox

Want Email Address Privacy? Check the Policy

No one likes when their email address privacy is breached, but it happens more than you might expect. Worst of all, most times, you’ve agreed to it.

Wait, what?

On nearly every website footer you can find a privacy policy, a company’s legal stance on what they do with your data when you make a purchase, sign up for their email address, post to their website, etc. Most privacy policies are different because every company is different, but if they are selling, renting, or sharing your data, that disclosure should be in there (if the company is being upfront about it).

Specifically focusing on email address privacy, here’s what you can look for to better understand what companies are doing with your information. If you do a search on the policy for “third parties” and/or “share,” look for something like this:

  • “We do not share your information with third parties.”
  • “We will never sell, share, or rent your information with third parties.”

Unless they are lying, it can’t get more straightforward than that. There are some exceptions, however. Companies often list a few different ways they have to share data with some third parties: if they are legally required to do so by law, if they use vendors such as Oracle Dyn to send out emails, and if they get bought and have to transfer the data in a sale.

Unfortunately, they do also have the right to share or sell your data. They just need to tell you about it, and then they leave it up to you to decide what you want to do (if you ever bother to read the policy to begin with).

If you see something like, “We share data with our affiliates and third parties who offer services we think you might be interested in,” that’s a red flag. Think of the most important person in your life and whether you’d want them deciding what emails you receive from other companies. I’m guessing not. However, you want someone you’ll never meet deciding who gets to have your email address? No thanks.

When you read an email address privacy policy that isn’t clear, that’s another red flag. I’ve read hundreds of these things, and the honest companies make it clear: They either share, or they don’t. Most policies will include an email address to which you can send questions if you’re concerned. If something is unclear, go ahead and ask.

Even though I review these policies in our vetting process, I find that I still don’t review them when I’m signing up with my personal email account. Most of you reading probably have never read a privacy policy in your life, and that’s understandable. It’s boring, and if you want to get email from a company, you’re going to sign up and throw caution to the sending wind.

But if you’re curious about how Company X managed to collect your email address if you have never heard of them, you likely opted in for that at some point without even realizing it.


Share Now

Whois: Josh Nason

Josh Nason is a Reputation Manager at Oracle Dyn Global Business Unit, a pioneer in managed DNS and a leader in cloud-based infrastructure that connects users with digital content and experiences across a global internet.