Clarification on Policy for Transactional emails

Hi Team,

Good day. I hope all is well.

I would just like to clarify if my use case is in accordance with the MXRoute policy, as I’m creating an automation.

Scenario 1: Buyer purchased an item in my online store.

Trigger: new sales order of digital goods
Task 1: record the sales order in google sheet
Task 2: add the buyer’s email address in google contact or to an email campaign platform
**Task 3: send an email to the buyer’s email address for purchase confirmation with invoice, instructions, and digital goods **
(I presume that buyers are using legitimate email address, otherwise, they will not receive email for their purchase)
Task 4:Wait for 7 days
Task 5: Send email campaign for product review

This is a one flow of automation. I’m concerned with the task 3 and task 5 if it will not violate any policy.

Scenario 2: New Subscriber. (There’s a high chance that incorrect emails will be used)

Trigger: New Subscriber
Task 1: Verify the email address is valid
Task 2: If valid, Import the contact details in google contact,google sheet, and campaign platform.
Task 3: if invalid, do nothing or delete from the initial subscription list.
Task 4: Send a welcome email
Task 5: Wait 7 days
Task 6: Send planned weekly campaigns

Scenario 3: Email campaigns to subscribers for new updates/promotions

Scenario 4: Support emails
Trigger: New email receive for support
Task 1: Automatic sending of email acknowledgement
Task 2: Create support ticket
Task 3: Manual email conversation

Scenario 5: New user sign-up
Trigger: New sign up
Task 1: Send welcome email with password reset

Please advise, if there’s any violation of the policy for the above scenarios I have mentioned.
Thanks a lot!

This sounds mostly fine to me, but make sure that task 1 in scenario 2 is a double opt in procedure. Otherwise it’s subject to abuse and with those kind of things it’s not “if” but “when.”

Scenario 1 doesn’t use a double opt in to send out further emails but there doesn’t seem to be abuse potential. I can’t imagine someone purchasing a product just to ensure that someone else gets an email they didn’t want.

Scenario 4 could be open to abuse. Make sure that your auto reply contains 0 of the information they sent to you, otherwise they can basically send a message to anyone using your domain. Been there.

Make sure scenario 5 doesn’t lead to a marketing campaign without using a double opt in procedure. Also make sure you’re not sending them data they input on a form. I’ve seen Wordpress registration used to send spam solely by sending them a message containing the data they filled in the “name” field with. They’d put a name like “Cheap viagra at {URL}” and someone else’s email, and boom you’re a spammer by proxy.

@Jarland Thanks a lot for your detailed response and advises, these are all noted. I will make make to implement double opt in for any email campaign related.

My current use case is more on scenario 1.

For email campaigns, I’m a lazy writer. So I will only send email for any important updates/promotions.