Pardot Email Deliverability and Compliance: 23 Things You Should Know
- December 16, 2022
- Email Delivery, Salesforce Ben | The Drip
Pardot (Account Engagement) offers capabilities that promote data privacy, and compliance – which in turn, improves email deliverability.
Email deliverability is a vast topic, with many factors working together that can ‘make or break’ whether an email makes it into the recipient’s inbox.
While the collection of features we’ll cover will give you the ‘leg up’, ultimately, sticking to good deliverability practices, data quality, and compliance, lies with you. Using the out-of-the-box settings is good, but you need to understand how these features should address your organization’s requirements.
When matching Pardot up with deliverability and compliance regulation, a structured approach can make some of the murkier aspects clearer. You’ll find plenty of information in this guide, including:
- Pardot Settings and Domain Management.
- Prospect Opt-in & Email Preferences.
- Form and Landing Page Settings.
Pardot Deliverability + Compliance Overview
23 points?! Don’t worry, the following points are split into three parts:
- Pardot Account Settings and Domain Management
- Prospect Opt-in & Email Preferences
- Pardot Form and Landing Page Settings
There’s much to explore when it comes to giving Pardot email deliverability and compliance its best shot.
Each entry in the table below has a brief description, how you locate the setting in Pardot, and how to configure it.
What it is. | Why you need it. | Where you can find it in Pardot. | |
---|---|---|---|
Account Settings | This is where you will find the field that the {{{Organization.Address}}} merge field pulls data from, which needs to be populated for compliance with CAN-SPAM and other regulations. | CAN-SPAM (etc.) compliance requires you have a physical mailing address included in all email footers. | Pardot Settings → Account Information → Edit. To add the merge field into an email, launch the merge field picker. |
Pardot Cookies Duration | Pardot admins can adjust the duration of Pardot “visitor_id” and “pi_opt_in” tracking cookies from 180 to 3650 days. | Stay compliant with your organization’s privacy policy. | Pardot Settings → Account Information → Edit |
First-party Tracking | “First-party” means that the cookies are placed on your browser by the same website that you are on – therefore, you are placing the cookie on the prospect’s browser (not Pardot). | “Third-party” cookies are becoming gradually blocked by the leading internet browsers. | Pardot Settings → Account Information → Edit |
Browser Do-Not-Track Settings | When enabled, this feature prevents a third party from capturing activities from a website and recording them in another system. | Stay compliant with legal requirements. | Pardot Settings → Account Information → Edit |
Tracker Domains | Enable any landing pages, forms, and files hosted in Pardot to have links that appear as your own brand. | Prospects will feel more confident clicking on branded links, as opposed to go.pardot.com links.
Enabling SSL for tracker domains makes them more secure ( https://, and not http//:) |
Pardot Settings → Domain Management |
Force HTTPS | When you create marketing assets in Pardot, you have the option to choose between https:// or http://. | HTTPS is a more secure browsing experience for prospects vs HTTP (the ‘S’ stands for ‘secure’). Even if your tracker domain is SSL-enabled, marketers could accidentally overlook https:// vs http:// at the individual asset level. | Pardot Settings → Account Information → Edit |
Tracking Opt-in Preferences | You can request a visitor to opt-in to tracking on their first visit to one of your tracked pages. | Requesting opt-in from all visitors is best practice. | Pardot Settings → Domain Management → Edit Tracking Opt-In Preferences |
DKIM & SPF Authentication | SPF refers to a process to validate an email sent from an authorized server to prevent spam. DKIM allows a sender to claim responsibility for a message that is to be validated by the recipient via a “public key”. | See box to the left. | Pardot Settings → Domain Management |
BCC Email Compliance | BCC Email Compliance allows you to retain a record of Pardot emails sent and to whom, stored in a third-party system designed for this archiving. | A requirement common in some industries, such as Financial Services. | Pardot Settings. It’s available for Pardot Plus and Advanced Edition customers, at an extra cost. |
Operational Email Sending | Operational emails bypass opt-in/opt-out status, so you can send non-marketing messages. | Send critical notifications or operational messages. | Pardot Settings → Account Information → Edit |
Prospect Deletion | You can decide to ‘soft delete’ a prospect record by moving them to the recycle bin (in case you want to undelete them), or permanently remove a prospect record from your database. | For database hygiene and to honor a prospect deletion request. | (Single records) Prospect record → click Delete. (Or, multiple records) prospect list → select All prospects in the list → click Delete. |
Prospect Opt out | When a prospect requests to be unsubscribed from emails, you can unsubscribe them from the prospect’s record – manually or with automation. | Important for honoring an individual’s email preferences, and failing to do so can put you at risk of a breach. | Prospect → Prospect List* → select the Prospect record → Check the ‘Opt-Out’ field |
Confirmed Opt-In Process | This process verifies that an opt-in request came from the owner of the email address, and also checks that the address is not deactivated, mistyped or fraudulently subscribed. | See box to the left. | For more information, read: Building Double Opt-In With Pardot (Account Engagement) |
Email Preference Center | The location for prospects to manage the lists they are subscribed to. | Important for honoring an individual’s email preferences, and preventing complete opt-outs. | Pardot Email → Preferences Page |
Unsubscribe Page | To ensure compliance with email regulations, an unsubscribe link (or email preference center link) is required in every email. | Allow prospects to opt-out from your communications. | Pardot Email → Unsubscribe Page |
Policy for Unengaged Prospects | After sending X emails to a prospect with no engagement, you should remove them from that list. | For list hygiene purposes, and to avoid negatively impacting deliverability in the long term. | Prospects → Segmentation → Segmentation Lists |
Permission Pass | A one-time email sent to an out-of-date/unengaged prospect list. | By clicking on an opt-in link, prospects prove that they are active and are interested in receiving further emails. | The set up involves a prospect custom field, a form, and an automation rule. |
Sender Address | What Pardot uses for the ‘from’ email address. | Multiple sender email addresses are available, for free text (General User), selected on an email-by-email basis (Specified User), or dynamically pulled according to the prospect record (account owner, assigned user, account CRM user custom field, prospect CRM user custom field). | When sending an email (Lightning email builder), click ‘Send’ → scroll to the ‘Send and reply’ options. |
Privacy Policy Link | A privacy policy explains how your company handles any customer or employee information captured and processed in its operations. | Individuals have the right to know how their data will be processed, stored and shared. | n/a – your legal department should supply this. |
Explicit Consent for Marketing Communications | Add a link to your organization’s privacy policy in the below form content. | You need to gain explicit consent from the prospect as it legitimizes the processing of prospect data. | This can be added to the ‘below form’ content in the form builder: Content → Forms |
Form Layout Templates | Layout Templates are used to format forms with styling and tags. | Some tags and links, e.g. where your privacy policy appears, are necessary for compliance. | Content → Layout Templates. |
Terms of Use | Protect your company’s legal interests, manage the use of your website, and promote your organization as trustworthy. | This legal agreement describes the rules between a service provider, and a person who wants to use that service. | n/a – your legal department should supply this. |
Registration Thank you Page | Web page where prospects are redirected to immediately after they submit a form. | Set expectations on what will happen next. | Content → Forms. In the form builder: Completion Action tab → the ‘Thank you Content’ or ‘Thank you Code’, depending on your content. |
Pardot Account Settings and Domain Management
These settings are controlled by Pardot Admins, for the whole account.
1. Account Settings
This is where you will find the field that the {{{Organization.Address}}} merge field pulls data from, which needs to be populated for compliance with CAN-SPAM and other regulations.
CAN-SPAM (etc.) compliance requires you have a physical mailing address included in all email footers.
Where can you find it in Pardot? Pardot Settings → Account Information → Edit.
To add the merge field into an email, launch the merge field picker.
3. Pardot Cookies Duration
Pardot admins can adjust the duration of tracking cookies, up to 3650 days. Existing cookies are updated to the new duration when content with tracking code is visited. Stay compliant with your organization’s privacy policy!
Where can you find it in Pardot? Pardot Settings → Account Information → Edit
3. First-party Tracking
“First-party” means that the cookies are placed on your browser by the same website that you are on – therefore, you are placing the cookie on the prospect’s browser (not Pardot).
“Third-party” cookies are becoming gradually blocked by the leading internet browsers, known as the ‘cookieless future’. Not only does enabling First-party Tracking mean you will be able to sustain prospect activity tracking, it also means that your organization is taking responsibility over tracked data.
Navigate to: Pardot Settings → Account Information → Edit
4. Respect Do Not Track Browser Settings
When enabled, this feature prevents a Pardot from capturing activities (page, form and landing page views, file downloads, custom redirect clicks) and recording them in another system, i.e. Pardot. When a user chooses to use Do Not Track (DNT), to opt-out of tracking by websites, it’s a preference that’s applied to all websites.
Where can you find it in Pardot? Pardot Settings → Account Information → Edit
5. Tracker Domains
Tracker domains enable any landing pages, forms, and files hosted in Pardot to have links that appear as your own brand. Prospects will feel more confident clicking on branded links, as opposed to go.pardot.com links. Enabling SSL for tracker domains makes them more secure (https://, and not http//:)
Where can you find it in Pardot? Pardot Settings → Domain Management → Tracker Domain
6. Force HTTPS
As we touched on in the previous point, HTTPS is a more secure browsing experience for prospects vs HTTP (the ‘S’ stands for ‘secure’). For example, https://yourcompany.com is more secure than http://yourcompany.com.
A few years back, HTTPS became the new norm, superseding HTTP – in fact, Google rankings would penalize any websites that weren’t using HTTPS.
How does this relate to Pardot? When you create marketing assets in Pardot, you have the option to choose between https:// or http://. Even if your tracker domain is SSL-enabled, marketers could accidentally overlook https:// vs http:// at the individual asset level.
Pardot can force the prospect’s browser to redirect to HTTPS, if the admin checks the setting: ‘Force HTTPS: Redirect HTTP requests for Pardot-hosted assets to HTTPS’.
Warning – mixed content: If HTTP assets are loaded on an HTTPS page, assets won’t render correctly and your visitors will receive security warnings. Be diligent about switching to HTTPS when creating marketing assets, including layout templates.
7. Tracking Opt-in Preferences
You can request a visitor to opt-in to tracking on their first visit to one of your tracked pages. Requesting opt-in from all visitors is best practice.
The banner won’t appear again unless a visitor clears their browser cookies and the message can be amended, and the banner styled. The standard message displays as: “May we use cookies to track your activities? We take your privacy very seriously. Please see our privacy policy for details and any questions”.
You can set this to “Request opt-in from all visitors before tracking visitors” or “Request opt-in if visitor comes from specific countries”.
Where can you find it in Pardot? Pardot Settings → Domain Management → Edit Tracking Opt-In Preferences.
8. DKIM & SPF Authentication
To achieve the best deliverability, for each sending domain (you want to send email from), a domainkey has to be generated in Pardot.
SPF is an email authentication technique used to prevent spammers from sending messages on behalf of your domain. DKIM allows an organization to take responsibility for transmitting a message by signing it in a way that mailbox providers can verify (via a “public key”).
Where can you find it in Pardot? Pardot Settings → Domain Management
Prospect Opt-in and Email Preferences
Most of the following settings can be managed by the marketing teams (with guidance from the legal team).
9. BCC Email Compliance
BCC Email Compliance allows you to understand what’s being sent out from Pardot – an easy win. As the name suggests, yours or a nominated email address is added as a BCC recipient, therefore, copies of all the emails that Salesforce sends out will land in your/the nominated inbox.
Retain a record of Pardot emails sent and to whom, stored in a third-party system designed for archiving purposes. It’s a requirement common in some industries, such as Financial Services.
Find this in Pardot Settings. It’s available for Pardot Plus and Advanced Edition customers, at an extra cost.
This functionality is also available in Salesforce.
10. Operational Emails
Operational emails bypass opt-in/opt-out status, so you can send non-marketing messages, such as critical notifications or operational messages.
Where can you find it in Pardot? Pardot Settings → Account Information.
11. Prospect Deletion
Ensure you’ve defined a process around prospect deletion, for both database hygiene and to honor a prospect deletion request.
You can decide to ‘soft delete’ a prospect record by moving them to the recycle bin (in case you want to undelete them). When a Lead or Contact is deleted in Salesforce, Pardot sends the associated prospect to the Pardot recycle bin. From there, you can choose to permanently remove a prospect record from your database.
Where can you find it in Pardot?
- (Single records) Prospect record → click Delete.
- (Or, multiple records) prospect list → select All prospects in the list → click Delete.
12. Prospect Opt-out
Important for honoring an individual’s email preferences, and failing to do so can put you at risk of a breach. When a prospect requests to be unsubscribed from emails, you can unsubscribe them from the prospect’s record – manually or with automation.
Where can you find it in Pardot?
- (Single records) Prospect record → check the ‘Do not email’ field.
- (Or, multiple records) Create an automation rule to change the ‘Do not email’ field to true.
13. Confirmed Opt-In Process
This process, also known as double opt-in, verifies that an opt-in request came from the owner of the email address, and also checks that the address is not deactivated, mistyped or fraudulently subscribed.
14. Email Preference Center
The email preference center is the location for prospects to manage the lists they are subscribed to. Not only does this honor an individual’s email preferences, it also prevents complete opt-outs.
Where can you find it in Pardot? Pardot Email → Preferences Page
The link to your email preference center can be linked from a marketing asset using the merge tag:
15. Unsubscribe Page
Allow prospects to opt-out from your communications with one click. To ensure compliance with email regulations, an unsubscribe link (or email preference center link) is required in every email. An unsubscribe link can be inserted on a marketing asset using the merge tag {{Unsubscribe}} – refer to the previous image.
Where can you find it in Pardot? Pardot Email → Unsubscribe Page
16. Policy for Unengaged Prospects
For list hygiene purposes, and to avoid negatively impacting deliverability in the long term, you should have guidelines in place for removing prospects from mailing lists. This could be, for example, after sending X emails to a prospect with no engagement, you should remove them from that list. This will depend on your organization – how many emails you send, and how the prospects generally engage with your content (which could be down to the industry you’re in).
Identify what ‘unengaged’ means to your organization, and then set the appropriate duration using a ‘Frequency and Recency’ dynamic list.
Where can you find it in Pardot? Prospects → Segmentation → Segmentation Lists
17. Permission Pass
A permission pass is a one-time email sent to an out-of-date/unengaged prospect list. By clicking on an opt-in link, prospects prove that they are active and are interested in receiving further emails. You can get creative with the email copy to catch the recipient’s attention.
The set up involves a prospect custom field, a form, and an automation rule.
18. Sender Address
What Pardot uses for the ‘from’ email address when emails land in a recipient’s inbox. Not only does this help your recipients quickly identify who is contacting them, it also directly impacts your open rate success.
Multiple sender email addresses are available, for:
- Free text: General User is a name and email address you type into the boxes provided.
- Selected on an email-by-email basis: Specified User that you choose from a list of your Pardot users.
- Dynamically pulled according to the prospect record: Account owner, assigned user, account CRM user custom field, prospect CRM user custom field.
Pardot Form and Landing Page Settings
Whether your forms are hosted in Pardot or not (i.e. form handlers), you should be aware of the following best practices to implement. Make sure the content and structure of your forms reflect the look and feel of your company, and be as transparent as possible regarding data processing.
19. Privacy Policy Link
A privacy policy explains how your company handles any customer or employee information captured and processed in its operations. Individuals have the right to know how their data will be processed, stored and shared. Your legal department should supply this.
20. Explicit Consent for Marketing Communications
Add a link to your organization’s privacy policy in the below form content. You need to gain explicit consent from the prospect (i.e. they are actively checking a checkbox) as it legitimizes the processing of prospect data.
This can be added to the ‘below form’ content in the form builder: Content → Forms
21. Form Layout Templates
Layout Templates are used to format forms with styling and tags. Some tags and links, e.g. where your privacy policy appears, are necessary for compliance.
Where can you find it in Pardot? Content → Layout Templates.
22. Terms of Use
Also referred to as ‘Terms of Conditions, this legal agreement describes the rules between a service provider, and a person who wants to use that service. Protect your company’s legal interests, manage the use of your website, and promote your organization as trustworthy.
This differs from the privacy policy because the Terms of Use explain to users how your company will collect, store, and use user data from the site.
Where can you find it in Pardot? Insert the link when creating a landing page/form in the builders.
23. Registration Thank you Page
A web page where prospects are redirected to immediately after they submit a form. This is where you set expectations on what will happen next – and you can use this space to get creative.
Where can you find it in Pardot? Content → Forms. In the form builder: Completion Action tab → the ‘Thank you Content’ or ‘Thank you Code’, depending on your content.
Summary
While the collection of features we’ve covered will give you the ‘leg up’, ultimately, sticking to good deliverability practices, data quality, and compliance, lies with you. Using the out-of-the-box settings is good, but you need to understand how these features should address your organization’s requirements.
Alongside the marketing team, you should involve the IT, legal, and sales departments during the process, to address topics such as database hygiene, privacy guidelines, the opt-out process, and others.
When matching Pardot up with deliverability and compliance regulation, a structured approach can make some of the murkier aspects clearer. If you have any doubts, check Pardot’s documentation, and seek a consulting partner.
This Pardot article written by:
Salesforce Ben | The Drip
Lucy Mazalon is the Head Editor & Operations Director at Salesforceben.com, Founder of THE DRIP and Salesforce Marketing Champion 2020.
Original Pardot Article: https://www.salesforceben.com/the-drip/pardot-deliverability-data-and-compliance/
Find more great Pardot articles at www.salesforceben.com/the-drip/
Pardot Experts Blog
We have categorized all the different Pardot articles by topics.
Pardot Topic Categories
- Account Based Marketing (ABM) (7)
- Business Units (14)
- ChatGPT / AI (3)
- Completion Actions (5)
- Connectors (10)
- Custom Redirects (4)
- Data Cloud (2)
- Demand Generation (8)
- Dynamic Content (6)
- Einstein Features (12)
- Email Delivery (17)
- Email Open Rates (3)
- Pardot A/B Testing (2)
- Email Mailability (16)
- Do Not Email (1)
- Double Opt-in (2)
- Opt Out / Unsubscribe (14)
- Email Preferences Page (6)
- Engagement Studio (16)
- Industries (1)
- Non Profit (1)
- Landing Pages (9)
- Lead Generation (1)
- Lead Management (13)
- Lead Routing (3)
- Lead Scoring (16)
- Leads (3)
- Marketing Analytics – B2BMA (9)
- Marketing Automation (1)
- Marketing Cloud (3)
- Marketing Cloud Account Engagement (4)
- Marketing Cloud Growth (2)
- New Pardot Features (6)
- Opportunities (2)
- Optimization (2)
- Pardot Admin (64)
- Duplicates (1)
- Marketing Ops (1)
- Pardot Alerts (1)
- Pardot API (2)
- Pardot Automations (3)
- Pardot Careers (12)
- Pardot Certifications (4)
- Pardot Consulting (1)
- Pardot Cookies (3)
- Pardot Custom Objects (3)
- Pardot Email Builder (8)
- Pardot Email Templates (9)
- HML (6)
- Pardot Events (16)
- Pardot External Actions (1)
- Pardot External Activities (4)
- Pardot Forms (29)
- Form Handlers (8)
- Pardot Integrations (20)
- Data Cloud (1)
- Slack (1)
- Pardot Lead Grading (5)
- Pardot Lead Source (2)
- Pardot Lightning (1)
- Pardot Migration (1)
- Pardot Nurture / Drip Campaigns (1)
- Pardot Personalization (3)
- Pardot Profiles (1)
- Pardot Releases (18)
- Pardot Sandboxes (2)
- Pardot Segmentation (5)
- Pardot Strategy (7)
- Pardot Sync (2)
- Pardot Sync Errors (1)
- Pardot Tracker Domains (5)
- Pardot Training (3)
- Pardot Vs Other MAPs (4)
- Pardot Website Tracking (2)
- Reporting (22)
- Salesforce and Pardot (31)
- Marketing Data Sharing (2)
- Pardot Users (3)
- Salesforce Automation (5)
- Salesforce Flows (2)
- Salesforce Campaigns (20)
- Salesforce CRM (3)
- Record Types (1)
- Salesforce Engage (3)
- Salesforce Queues (2)
- Security and Privacy (1)
- Tags (3)
- The Authors (504)
- Cheshire Impact (9)
- Greenkey Digital (51)
- Invado Solutions (37)
- Jenna Molby (9)
- Marcloud Consulting (6)
- Nebula Consulting (60)
- Pardot Geeks (44)
- Salesforce Ben | The Drip (235)
- SalesLabX (3)
- Slalom (4)
- Unfettered Marketing (46)
- Uncategorized (1)
- Website Tracking (2)
- Website Search (1)
More Pardot Articles
See all posts
This Pardot article written by:
Salesforce Ben | The Drip
Lucy Mazalon is the Head Editor & Operations Director at Salesforceben.com, Founder of THE DRIP and Salesforce Marketing Champion 2020.
Original Pardot Article: https://www.salesforceben.com/the-drip/pardot-deliverability-data-and-compliance/
Find more great Pardot articles at www.salesforceben.com/the-drip/