GDPR and Direct Mail: Compliant Marketing Without Opt-In
One of the biggest advantages of direct mail over email in Europe is the legal basis. Email marketing requires explicit opt-in consent under GDPR (Art. 6(1)(a)). Direct mail to existing customers can operate under the legitimate interest basis (Art. 6(1)(f)) — meaning you can reach customers who never opted into your email list, or who have since unsubscribed.
Legitimate interest for direct mail
Under GDPR Art. 6(1)(f), you can process personal data when you have a legitimate interest that is not overridden by the individual's rights. Marketing to existing customers via direct mail is widely recognised as a legitimate interest, provided you offer an easy opt-out mechanism. This is the same basis that allows businesses to send physical marketing materials across Europe.
Opt-out requirements
Every direct mail piece must include a clear, easy way for the recipient to opt out of future mailings. Mayday prints a one-click opt-out URL on every postcard. When a customer visits the opt-out link, their data is suppressed within 48 hours and the event is recorded in an immutable audit trail for compliance documentation.
Data minimisation and processing
Mayday only processes the customer data necessary for postcard delivery: name, shipping address, and order history for segmentation. All data is processed within the EU. When a customer is suppressed (opted out), their personal data is removed from active campaign targeting. Mayday supports data portability requests.
Why this matters for e-commerce
Email lists are opt-in only — and shrinking. Unsubscribe rates in e-commerce have increased 2.1× since 2020. Direct mail lets you reach your entire customer base, including those who never joined your email list or have since left it. For win-back campaigns targeting lapsed customers, this is a significant advantage.
Send GDPR-compliant postcard campaigns with Mayday.
Get started free