
The introduction of the GDPR, the European data protection law, has caused companies all around the world to revise the way they handle personal data. This is, no doubt, a great responsibility which often includes setting up a complicated process and adjusting internal procedures. On the other hand, it is worth remembering that those changes are designed to ultimately ensure the privacy and security of consumers’ personal data.
Because of that, you might view the GDPR as an opportunity, and not only as a heavy burden. European-based customers are more likely to trust organizations which have a clearly-formulated privacy policy and care for the security of personal data. At the end of the day, GDPR compliance might become a deciding factor when a customer is faced with a choice between you and your competition.
Fortunately, both Microsoft 365 and the on-premises Exchange Server give you many opportunities to get closer to complete GDPR compliance. One of the features that help you do it is adding GDPR-compliant disclaimers to your emails.
Disclaimer: You cannot achieve GDPR compliance by simply adding an email disclaimer. At the same time, the right use of email disclaimers can help you become GDPR-compliant. Here is how you can use the GDPR-oriented email disclaimer:
- Inform your users that you are GDPR-compliant. The introduction of the GDPR is a great opportunity to build a good impression among your customers. People are more likely to trust a brand which takes pride in its GDPR compliance and has a clear privacy policy. Email signatures and disclaimers are a great place to show that you care about the security and privacy of the personal data you process.
- Insert a link to your privacy policy. The GDPR introduces Information obligation. Simply speaking, it states that you need to inform people you contact that you process their personal data (and how). This information should be easily accessible and clearly formulated. Adding a link to your company’s privacy policy makes it easier for your clients to learn more about how you ensure their personal data security.
- Include an unsubscribe link or unsubscribe instructions. The GDPR requires you to provide an easy way for your users to cancel consent for a subscription. Email disclaimer attached to every email correspondence is a perfect way to achieve just that. Learn how to configure a smart unsubscribe mechanism on your Exchange Server.
GDPR-oriented email disclaimer examples
- Here at [company], we care for your privacy. That is why we have taken appropriate measures to ensure that the data you have provided to us is always secure. If you have any questions related to GDPR compliance or data protection, please contact our Data Protection Officer.
- All information and attachments included in this email are confidential and intended for the original recipient only. You must not share any part of this message with any third party. If you have received this message by mistake, please let us know immediately, so that we can make sure such a mistake does not happen again, and delete this message from your system.
- Our company is fully GDPR-compliant. To learn more about how we comply with the GDPR and, as a result, care for the security and privacy of personal data we collected from you, visit this page.
- [Company] places the highest priority on the security and privacy of our Clients. Therefore, we have put our efforts into ensuring that this message is free of errors and viruses. Despite our efforts, you should always scan all emails for any threats with proper software, as the sender does not accept liability for any damage inflicted by viewing the content of this email.
- The security of your data is one of our greatest concerns. That is why we put extra effort into ensuring your data is always safe and up to date. Contact us if you want to access or change your personal information or if you want us to remove it completely from our database. If you do not wish to receive more emails from us, click unsubscribe.
Click here for more general-use email disclaimer examples
Another good idea is to include an eye-catching GDPR compliance badge in your email signature and link it to your dedicated GDPR compliance website or your privacy policy.
Setting up automatic email disclaimers in Microsoft 365 and Exchange Server
Both Microsoft 365 (Office 365) and Exchange Server offer you native methods of inserting disclaimers into emails. Please relate to How to create company-wide email signatures and disclaimers in Office 365 and How to set up email disclaimers on Exchange Server for detailed guidelines.
However, the native solutions suffer from some limitations, to mention a few:
- The delegation of signature/disclaimer management is impossible. Which means that you cannot give your legal team an option to create email disclaimers without giving them administrative access to your company’s Exchange Online or Exchange Server environment.
- Signatures/disclaimers are not visible in Sent Items. Although server-side email signatures and disclaimers have a greater chance of being appended to outgoing emails, there is no native way to see them in Sent Items. Because of that, it is hard to ensure if the GDPR-compatible disclaimer has been successfully appended or not.
- Disclaimers and signatures are pushed to the end of the conversation. There is no way to insert email signatures and disclaimers directly under replies and forwards. This makes it harder for the recipients to find the unsubscribe link and any information you wish to convey through the disclaimer.
Create GDPR-oriented disclaimers with CodeTwo
To overcome those native limitations and unblock additional email processing features, you can use CodeTwo’s email signature management software for Microsoft 365 and the on-premises Exchange Server:
- CodeTwo Email Signatures 365 is a Microsoft-certified solution that can be used to centrally manage email signatures and disclaimers in a Microsoft 365 organization. Filling the gaps in the native features, it allows a single person to create and deploy company-wide disclaimers and legal notes in a few minutes.
- CodeTwo Email Signatures On-prem is a mail flow and email signature manager built on technology trusted by thousands of Exchange Server administrators. The software lets you add server-side professional email signatures and disclaimers to your emails and broadens the capabilities of the native Exchange Server SE mail flow rules.
Using CodeTwo’s software, you’ll easily show your clients that you care for the security of their data and that your company is GDPR-compliant.




CodeTwo sp. z o.o. sp. k. is a controller of your personal data.
See our Privacy Policy to learn more.