MailProof · Shopify

CAN-SPAM email marketing for Shopify sellers: do the rules apply to you?

The US CAN-SPAM Act requires honest headers, a clear unsubscribe, a physical postal address, and honoring opt-outs within 10 business days — up to $53,088 per email.

In force US rules Shopify

How CAN-SPAM email marketing works on Shopify

Shopify gives you the storefront and checkout, but legal compliance is on you, the merchant — Shopify's own terms make that explicit. The platform ships some tools (a cookie-banner and customer-privacy API, a hosted PCI-compliant checkout), but switching them on and configuring them correctly is your job, not Shopify's.

📦 On Shopify: Shopify merchants write their own policies, flows and disclosures, so US federal and state rules land directly on you, not on Shopify.

Does this apply to you?

This rule applies to Shopify sellers who send marketing or promotional emails. Send marketing emails? Check for a clear unsubscribe, your postal address, and honest headers. Not sure? The free checker tells you in about a minute — no signup.

The Shopify checklist

Whatever the platform handles, you still need to be able to answer "yes" to each of these — these are the points Shopify sellers most often get caught on:

Is there a clear unsubscribe link in every marketing email?
Are opt-outs honored within 10 business days?
Does every email include a valid physical postal address?
Are From / Reply-To and routing accurate (not deceptive)?
Are subject lines honest about the content?
If you send adult content, is it labeled?

What's at stake

⚠️ Exposure: up to $53,088 per email (FTC) · Status: In force. On Shopify, that's on top of any account suspension for breaking platform policy.

Compare the penalty for every rule →

Common questions

Do I have to handle cAN-SPAM email marketing myself on Shopify, or does Shopify cover it?

Shopify gives you the storefront, but cAN-SPAM email marketing compliance is the seller's responsibility — the platform doesn't do it for you. The free checker shows exactly where you stand in about a minute.

What must every marketing email include?

A truthful From/subject, a clear and free way to unsubscribe, and a valid physical postal address. You must honor opt-outs within 10 business days.

Does CAN-SPAM apply to one-off emails?

Yes — it applies to all commercial email, including the first one. There's no exemption for small senders.

What are the penalties?

Each separate email in violation can incur penalties up to $53,088, and multiple parties (e.g. the brand and its agency) can be liable.

The source

RuleGoose checks this against the US CAN-SPAM Act (15 U.S.C. 7701) + FTC Rule. Read it yourself: eCFR — 16 CFR Part 316 (CAN-SPAM Rule) →

Check your Shopify store against CAN-SPAM email marketing — free.
Answer a few questions, see exactly where you're exposed, and draft the fix. No signup, runs in your browser. Run the MailProof checker →

or get one RuleGoose Score across every rule your Shopify store has to meet.

The full Shopify picture

CAN-SPAM email marketing is one of several rules a Shopify store has to meet. See the full Shopify compliance checklist →, or read the platform-neutral CAN-SPAM email marketing guide.

Same rule, other platforms

CAN-SPAM email marketing on WooCommerce →

Informational only, not legal advice, and not affiliated with the FTC or Shopify. Last reviewed 2026-06-30.