FlatlyOntario Legal
FlatlyOntario Legal
Browse ServicesRequest Consultation
Business & CorporateCompliance

CASL Compliance Policy

Canada's Anti-Spam Legislation (CASL) is one of the strictest anti-spam laws in the world — and one of the most technically demanding to comply with. Violations can attract fines of up to $1 million for individuals and $10 million for businesses per violation. A CASL Compliance Policy is a formal document that explains how your organization understands and complies with CASL: what constitutes a commercial electronic message (CEM), how you obtain and track consent, how recipients can unsubscribe, and what records you maintain. Whether published on your website for transparency or distributed internally to guide staff, a well-drafted CASL policy demonstrates your organization's commitment to compliance and can serve as evidence of due diligence if a complaint is ever investigated by the CRTC.

5–7 business days
Canada (Federal — CASL)

What Is Included

  • Consultation to understand your electronic messaging practices (up to 45 minutes)
  • Drafting of one CASL Compliance Policy tailored to your business
  • Coverage of express and implied consent requirements under CASL
  • Identification of applicable exemptions relevant to your organization
  • Unsubscribe mechanism requirements and record-keeping obligations
  • Guidance on sender identification requirements
  • One round of revisions based on your instructions

What Is Not Included

  • Full CASL compliance audit of existing campaigns or databases
  • CRM or email platform configuration advice
  • Ongoing compliance monitoring or updates
  • Review of existing marketing materials or email campaigns
  • Quebec-specific Law 25 privacy compliance (available separately)

Who This Service Is For

Businesses that send marketing or promotional emails, texts, or other electronic messages
E-commerce companies building subscriber lists
Organizations that want a published CASL policy on their website
Companies onboarding staff who send commercial electronic messages on behalf of the business
Any organization seeking to demonstrate CASL due diligence

Information Required from You

  • 1Description of your business and the types of electronic messages you send
  • 2How you currently obtain consent from recipients (opt-in form, in-person, implied, etc.)
  • 3Email or messaging platforms used (e.g., Mailchimp, HubSpot, direct SMTP)
  • 4Whether the policy is for public website publication, internal use, or both
  • 5Your business name, contact information, and privacy officer (if applicable)

Common Add-Ons

CASL consent language and unsubscribe footer reviewFrom $299 + HST
TOS & Privacy Policy Package (if not already in place)$1,250 + HST
Staff CASL training memoFrom $499 + HST

Frequently Asked Questions

Important Limitations

  • CASL applies to commercial electronic messages sent to or from Canadian computers or devices, regardless of where the sender is located. This policy reflects the law as of the date of drafting.
  • A CASL Compliance Policy documents your intent and practices — it does not guarantee immunity from CRTC investigation. Actual compliance requires that your practices match the policy.
  • CASL is a federal law enforced by the CRTC, Competition Bureau, and Office of the Privacy Commissioner. Penalties for violations can be severe. This policy is a compliance tool, not a substitute for legal advice specific to a particular campaign or enforcement matter.
  • This package does not include review of your existing email lists, consent records, or campaigns.

Fixed fee

$1,500

Plus HST

Request This Service