More than CASL compliant email software

Compliance, security and privacy are three key areas our clients deeply care about. So do we.

In addition to CASL compliance features that fully automate and accommodate even special cases, you get peace of mind of a secure environment from a Canadian owned and operated company with a strong commitment to data privacy.

Data in Canada

All your data is stored on Canadian servers including backups.

Display all contact facing pages in English and French.

CASL compliance is automated with a slew of customization options

Made for Canadian email marketing and communications

All data is stored in Canada, including backups. 

Managing our own secure infrastructure – not reliant on AWS

Envoke is a 100% Canadian owned corporation registered in Ontario since 2007.

Send CASL compliant emails

Put CASL compliance on auto-pilot with comprehensive CASL compliance tools:

Envoke’s compliance features automatically collect, update and track consent changes to keep you compliant by default.


In addition to express consent and unsubscribes, various types of implied consent are tracked, including management of rolling expiry dates, so you don’t have to keep track of this manually.

Mitigate loss of contacts due to expiry of consent by sending automated expiry reminders and consent request emails.

All consent changes for every contact are logged for a complete audit trail.

Edge cases? No problem. We handle special cases and exceptions and you can override default behaviour as needed.

CASL functionality comparison of email marketing companies

Feature Non-Canadian email platforms
Mailchimp, Campaign Monitor, Constant Contact, etc.
Envoke Cyberimpact Campaigner

How do we help you comply with CASL?

Envoke’s compliance features automatically collect, track, and upgrade to express consent under CASL.

All types of implied consent expiry dates are tracked to automatically suppress emails where consent is no longer valid.

All consent changes are also logged for a complete audit trail.

We provide mandatory emails option to allow you to send messages to contacts who are contractually obligated to receive emails even if they didn’t opt-in.

Additionally, Envoke automatically detects and manages your contacts according to the rules of their governing country to accurately comply with foreign country legislation such as GDPR (EU) and Can-SPAM (US).

Privacy and security

The data centre is certified ISO 27001:2005 for providing and operating dedicated cloud computing infrastructures. Operations are based on ISO 27002 and ISO 27005 security management and risk assessment norms and associated processes. The data center has obtained SOC 1 and 2 type II security certifications and has active Anti-DDoS mitigation infrastructure.

Refer to our Privacy Policy to read more about what personal information we collect, why we collect it, how this information is used and shared with and the choices you have to access, update, and remove your personal information from the service.

Nationwide compliance

Automated consent and subscriptions management keeps your relationships on solid footing and enables compliance with federal privacy and anti-spam laws including PIPEDA, The Privacy Act and CASL, provincial private sector laws including PIPA (BC), PIPA (AB), P-39.1 (QC) and FIPPA (NS) and provincial and territory public sector privacy laws, such as FIPPA (BC), FOIP (AB), FIPPA (ON) and FOIPOP (NS).

Want to discuss how Envoke can keep
your communications compliant?

Start a 30 day trial

Start a fully loaded trial account

30 days free access:

Let’s discuss your requirements to establish or rule out a fit.

Trial accounts include full support and all functionality.