Shopify prohibits merchants from sending unsolicited commercial emails or other communications in violation of applicable law, including the CAN-SPAM Act in the US and equivalent international laws.
This analysis describes what Shopify's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
This provision defines the boundary of permitted communication practices on the platform and establishes a contractual basis for enforcement action against users who engage in spam activities. It aligns Shopify's terms with statutory requirements governing unsolicited commercial communications.
This provision prohibits Shopify merchants from sending unsolicited commercial communications to consumers in violation of applicable law, providing a stated baseline protection against spam from merchants operating on the platform.
How other platforms handle this
Don't claim to be human when directly and sincerely asked, use AI to deceive people about its fundamental nature, or impersonate real people or organizations in misleading ways.
You may not use Runway's tools to build or support systems designed for mass surveillance, tracking of individuals without their consent, or the unlawful monitoring of protected groups or activities.
Do not generate images for political campaigns or to try to influence the outcome of an election. Do not generate images to spread misinformation or disinformation.
Monitoring
Shopify has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"You may not use the Shopify Services to engage in the following activities: Spam: Sending unsolicited commercial email or other communications in violation of applicable law.— Excerpt from Shopify's Shopify Acceptable Use Policy
(1) REGULATORY LANDSCAPE: This provision engages the CAN-SPAM Act (15 U.S.C. 7701 et seq.) in the US, Canada's Anti-Spam Legislation (CASL), the EU's ePrivacy Directive (which governs unsolicited electronic communications), and the UK's Privacy and Electronic Communications Regulations (PECR). The FTC enforces CAN-SPAM; the CRTC enforces CASL. GDPR consent requirements apply to email marketing directed at EU residents. (2) GOVERNANCE EXPOSURE: Medium. Spam-related violations are among the more commonly enforced areas of digital marketing law. Merchants using third-party email marketing integrations within Shopify's app ecosystem should ensure those tools comply with applicable anti-spam laws. (3) JURISDICTION FLAGS: CASL imposes express consent requirements more stringent than CAN-SPAM, creating heightened exposure for merchants marketing to Canadian recipients. GDPR consent requirements apply to EU recipients and require a lawful basis for email marketing, typically explicit opt-in consent. Merchants with international customer bases face a patchwork of consent requirements. (4) CONTRACT AND VENDOR IMPLICATIONS: Merchants using Shopify's built-in email marketing tools or third-party integrations should review those tools' consent management mechanisms against applicable anti-spam laws in all jurisdictions where they market. Vendor agreements with email service providers should include compliance representations. (5) COMPLIANCE CONSIDERATIONS: Legal teams should audit email marketing practices, including opt-in consent mechanisms, unsubscribe processes, and sender identification, against CAN-SPAM, CASL, and GDPR requirements. Merchants should maintain records of consent for email marketing recipients, particularly for EU and Canadian audiences.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
This provision defines the boundary of permitted communication practices on the platform and establishes a contractual basis for enforcement action against users who engage in spam activities. It aligns Shopify's terms with statutory requirements governing unsolicited commercial communications.
This provision prohibits Shopify merchants from sending unsolicited commercial communications to consumers in violation of applicable law, providing a stated baseline protection against spam from merchants operating on the platform.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Shopify.