James WarrackEmail marketing & authentication
Cold outreach and GDPR

Cold Outreach and GDPR

James Warrack

TL;DR — Yes, you can send cold emails under GDPR — as long as you're contacting people who have a genuine reason to hear from you. I only reach out to relevant prospects, include clear opt-outs, avoid storing anything unnecessary and write emails that feel like they were meant for the person receiving them. No dodgy lists. No scraping. No spammy nonsense. Just respectful, targeted outreach that keeps you on the right side of the law and your prospect's inbox.

Cold Outreach and GDPR — How to Stay on the Right Side of the Line

Let's be honest — GDPR is one of those things most people think they're following, but they've never actually looked into properly. And when it comes to cold outreach, it's easy to get it wrong without meaning to.

Here's the good news: cold emails can be compliant, as long as you're clear on the rules and don't act like a spammer.

So, can you cold email someone under GDPR?

Yes — IF there's a legitimate interest in getting in touch. That means the person you're contacting is likely to be interested in what you're offering because it's relevant to them in their professional role.

For example, if you're an HR platform reaching out to HR managers at UK companies, that's a legitimate interest. If you're selling party balloons to dentists... not so much.

What I do to keep campaigns GDPR-friendly

Only relevant data is used — I never bulk scrape random email addresses. I build every list based on the kind of businesses you actually want to work with.

Clear opt-out in every email — Every message includes a simple way to opt out. And when someone says no thanks, they're taken off the list straight away.

No sensitive data — I only store what's needed for the outreach itself — no extra info, no data hoarding.

Respectful tone and relevance — Cold emails should feel like a proper introduction, not a shotgun blast. I write each message like I actually want a reply — because I do.

Why it matters

Bad outreach doesn't just annoy people. It damages your brand, your domain, and your trust. But done properly, cold email can still be one of the most effective and compliant ways to reach the right people.

And more importantly, when people feel like the email might actually be useful to them, GDPR becomes a non-issue.

Respecting the Right to Unsubscribe

Every campaign includes a one-click opt out. It sounds simple, but you'd be surprised how many cold emails make it awkward to unsubscribe — or don't even bother.

Some cowboy email marketers ask people to reply with "unsubscribe" or "leave out" instead. Why? Because it bumps their reply rate, which makes the email look more engaging to the servers and boosts their stats. But it's nonsense — it's the email equivalent of a black hat SEO trick. It might give a short-term lift, but it's a pain for the person on the other end and damages your brand in the long run.

So I keep it simple: one click, instantly unsubscribed, no hassle. It's better for your prospects, keeps you GDPR friendly, and shows you do things professionally.

Cold email outreach serviceOpt-out information