Skip to content
Mumara

Compliance

The compliance baseline, handled for you.

GDPR-aligned consent capture, CAN-SPAM physical-address footers, CASL consent tracking, automatic unsubscribe with RFC 8058 one-click, and honoured opt-outs — built into every send. Plus EU data residency via dedicated Pools and a full account activity log.

Get started What's automatic →
send checklist
  • Consent captured — double opt-in + timestamp
  • Physical address — injected in footer
  • Unsubscribe link — every message
  • One-click (RFC 8058) — List-Unsubscribe header
  • Opt-outs honoured — fed to suppression
applied to every sendEU residency available

The layers

Consent, conduct, and a paper trail.

Consent captured properly

Double opt-in and consent timestamps support GDPR and CASL, so the lawful basis for every contact is on record rather than assumed. Honoured opt-outs flow into suppression the moment they happen.

Required conduct, automatic

A physical mailing address and a working unsubscribe link are injected into every send, and List-Unsubscribe headers with RFC 8058 one-click are added — meeting CAN-SPAM and the bulk-sender rules Gmail and Yahoo now enforce, without you remembering.

Residency + audit trail

EU customers can keep sending infrastructure in-region via dedicated Pools, and every action on the account is recorded in an activity log — the evidence trail for any compliance review.

Built in, not bolted on

Compliance you don't have to remember.

The fastest way to fall out of compliance is to rely on people remembering — to add the footer, to honour the opt-out, to include the unsubscribe link. Mumara ONE makes those automatic, applied to every send regardless of who built it, so a rushed campaign is as compliant as a careful one.

It isn't legal advice, and the regulations that apply to you depend on your audience and jurisdiction. But the mechanical obligations — consent records, required footers, one-click unsubscribe, honoured opt-outs, an audit trail — are handled at the platform layer so the baseline is always met.

What it prevents

The compliance gaps that come from doing it by hand.

  • Forgetting the unsubscribe or address

    A send missing a required footer or unsubscribe link is both non-compliant and spam-flagged. Both are injected automatically into every message.

  • Missing one-click unsubscribe

    Gmail and Yahoo require RFC 8058 one-click for bulk senders. It's added to your sends automatically, so you meet the rule without extra setup.

  • Mailing people who opted out

    An opt-out that doesn't take effect is a serious breach. Unsubscribes and complaints feed suppression immediately, so they're honoured the moment they happen.

  • No record when asked to prove it

    A compliance review needs evidence. Consent timestamps and a full account activity log give you the trail to show what happened and when.

Across the regulations

The obligations, handled per framework.

  • GDPR & CASL consent

    The requirement
    You must prove lawful basis and consent for EU/Canadian contacts.
    What the platform does
    Double opt-in and consent timestamps put the basis on record; EU sending can stay in-region via dedicated Pools.

  • CAN-SPAM footer

    The requirement
    Every commercial email needs a physical address and opt-out.
    What the platform does
    A mailing-address footer and working unsubscribe link are injected into every send — never left to memory.

  • Honoured opt-outs

    The requirement
    Opt-outs must actually take effect, fast.
    What the platform does
    Unsubscribes and complaints feed suppression the moment they happen, so they're respected on the very next send.

  • Proof on demand

    The requirement
    A review asks you to show what happened and when.
    What the platform does
    Consent timestamps and a full account activity log give you the evidence trail without reconstructing it after the fact.
“We send into the EU and North America, so compliance was a genuine worry when we chose a platform. Knowing the footer, the one-click unsubscribe, and the opt-out handling are applied to every send automatically — and that there's an activity log if anyone ever asks — took a whole category of risk off my plate.”

Verified review

Mumara ONE customer

G2

Common questions

What buyers usually ask.

What's handled automatically on every send?

A physical mailing address footer, a working unsubscribe link, and List-Unsubscribe headers with RFC 8058 one-click support — applied to every message regardless of who built it, so the mechanical CAN-SPAM and bulk-sender obligations are always met.

How is consent handled for GDPR and CASL?

Double opt-in confirms intent and consent timestamps are recorded, so the lawful basis for each contact is on record. Opt-outs flow into suppression immediately, and the activity log provides the evidence trail for a review.

Can I keep data in the EU?

Yes. EU customers can keep sending infrastructure in-region using dedicated Pools, supporting data-residency requirements alongside the rest of the compliance baseline.

Is this legal advice?

No — it's platform tooling that handles the mechanical obligations (consent records, footers, one-click unsubscribe, honoured opt-outs, audit logging). Which regulations apply to you depends on your audience and jurisdiction; consult your own counsel for that.

Related

Pages that pair with this one.

Mumara ONE · Compliance

Meet the baseline on every send, automatically.

Consent records, required footers, one-click unsubscribe, honoured opt-outs, EU residency, and a full audit trail — built in so the baseline is never left to memory.

Get started See pricing