By:
Hanna De La Garza
| Updated on: March 2, 2026
Reviewed by:
Masha Komnenic CIPP/E, CIPM, CIPT, FIP
An email disclaimer is a statement in the footer of emails that sets legal guidelines addressing data protection, confidentiality, and other liabilities.
Using an email disclaimer helps your business:
Read on to learn more about email disclaimers and when and how to use them.
An email disclaimer is a short paragraph included with an email to inform the recipient of their rights or obligations regarding the information in the email.
They help exempt the sender from liability if the information in the email is used incorrectly.
Here’s a quick example of an email disclaimer (we show you more below):
Email disclaimers don’t fully exempt you and your company from all liability. But they can help fulfill some legal requirements.
They also offer protection in conjunction with other measures you need to take.
Following email best practices may also help you in terms of maintaining high email deliverability for subsequent emails you send.
Email disclaimers offer some legal protection.
Usually, email senders create disclaimers to protect themselves. But in some cases, they may offer protection for the recipient too.
For example, a disclaimer might protect both the sender and the recipient if an email containing confidential data gets sent to the wrong email address.
Let’s take a closer look at a few of the most common forms of legally protected information and how email disclaimers come into play.
HIPAA-Protected Information
Full compliance with the Health Insurance Portability and Accountability Act of 1996 (HIPAA) requires several specific measures to ensure that the security of patients’ health information, including their medical history.
These include end-to-end encryption and storage of patient emails with sensitive data in dedicated servers.
Having a disclaimer can also protect the sender if they accidentally send an email containing patient health information to the wrong address.
Adding a confidentiality disclaimer is not enough to make your email HIPAA compliant. It is just one part of the compliance process.
Client Confidentiality
Lawyers and psychological therapists are bound by rules specific to their professions not to share what their clients tell them with any third parties unless the client agrees.
In this case, an email disclaimer is not enough to gain permission for sharing client information with third parties. The client needs to expressly agree to what information and with whom it will be shared.
It is a best practice for lawyers and therapists to include an informative disclaimer advising clients to use caution when sending confidential information via email.
Your email disclaimer must follow any and all applicable laws, and to be considered ‘legally binding’ by most courts, you may need to obtain explicit consent from recipients and prove they read and agreed to all of your terms.
Yes, if you send emails containing confidential information, adding a confidentiality disclaimer to your emails could protect you in the event of a legal complaint.
A confidentiality disclaimer alerts the email recipient that content contained within the email is meant only for the addressee.
You should use an email disclaimer if you:
Here’s why.
The General Data Protection Regulation (GDPR) is designed to protect people’s personal data in Europe and contains several specific requirements for businesses that handle consumer information.
Including a privacy disclaimer in emails can help reassure consumers that your company’s policies are in line with the GDPR. This also helps them feel more confident entrusting you with their personal data.
Any business that offers goods or services to people residing in Europe must comply with the GDPR.
To be safe, a privacy disclaimer should be included with all email communications that originate from your company’s official email account that may be sent to someone residing in the protected areas of Europe.
There are now several US States with consumer data protection laws. If you send emails to people in those locations, it’s important to also include an email disclaimer with a link to your privacy policy.
Make sure that any data collected through email channels or otherwise is handled in accordance with the state regulations.
Though each law slightly differs in terms of what types of businesses are covered and the requirments to protect consumer data, they share some similarities.
Be sure to include a link to your privacy policy in the email disclaimer for any marketing and promotional materials that may reach people in protected states.
Anyone who handles medical history, medical records, or other patient health data needs to be very sure they are compliant with HIPAA regulations for sending sensitive patient information via email.
This includes people in many industries and professions, from doctors, nurses, psychiatrists, and pharmacists to insurance agents, brokerages, and administrative assistants.
To be HIPAA compliant, emails containing patient health information need to be protected by security measures such as end-to-end encryption.
Willful violations of HIPAA can result in fines of up to $1.5 million and even jail time. The severity of the punishment for a HIPAA infraction is based upon the level of negligence involved.
Anti-spam laws in Canada and Australia require that any newsletters or other correspondence sent to multiple customers via email must include an unsubscribe option as part of the email signature disclaimer.
Any business operating in Canada or Australia or sending emails to Canadian or Australian residents must follow this regulation. Failure to do so can result in fines of up to 10 million Canadian dollars or 1.7 million Australian dollars.
Since the US and European Union member countries also require an unsubscribe or opt-out option in addition to their consumer data privacy protection laws, it is safe to say that any company operating internationally or sending mass emails or newsletters needs an unsubscribe disclaimer.
Any time you send confidential information by email, a confidentiality email disclaimer should be included to protect the sender from potential litigation in the event that the email is mistakenly sent to the wrong email address.
Data that could be used to identify a person, aside from their name, may be considered confidential info, including:
Below, I walk you through the following most common types of email disclaimers and provide examples to help you make your own:
These should be included when the email contains information that could be used to identify a person, such as:
Here is are two examples of an email confidentiality disclaimer.
Example 1:
The content of this email is intended for the person or entity to which it is addressed only. This email may contain confidential information. If you are not the person to whom this message is addressed, be aware that any use, reproduction, or distribution of this message is strictly prohibited. If you received this in error, please contact the sender and immediately delete this email and any attachments.
Example 2:
(Your Company) makes protecting client information the highest priority. If you have received this message in error, please inform the sender and delete this email along with any attachments immediately. The information contained in this email may be legally-protected, confidential data. Any unauthorized use may result in legal action, including fines and jail time.
In professions where people have a reasonable expectation that the information they share will be confidential, an email disclaimer should always be used during digital communications.
A higher degree of care needs to be taken to ensure the client’s right to privacy is being respected.
This disclaimer should be placed at the top of your email rather than the footer.
Affected professions include:
Here is an example of a privileged and confidential information email disclaimer:
IMPORTANT: This email may discuss privileged and confidential information. Viewing, forwarding, or printing this email is strictly restricted to the person named. If you are not the intended recipient, you are required to inform the sender of their error and delete the email and any attachments without delay.
External email disclaimers are used to alert the recipient that an email is coming from outside of their email system.
For example, it might be automatically included in emails that originate outside of the recipient’s hospital, university, or company.
Here are two examples of an external email disclaimer.
Example 1:
EXTERNAL EMAIL! Use caution when sending personal data or opening attachments.
Example 2:
Caution: External Email. This email originated from outside of the (Your Company) system. Do not open attachments or click on links from unknown sources.
The purpose of virus transmission disclaimers is to protect the sender from liability if malware is somehow transmitted along with the email.
These are useful for marketing materials or newsletters that contain links to various outside sources.
Here is an example of a virus transmission email disclaimer:
Despite (Your Company’s) dedication to online security, we cannot guarantee the safety of external links. Please exercise caution when clicking links to avoid transmitting viruses and other malware.
Many countries’ anti-spam legislation, including the US, Canada, and European Union member countries, specifies that newsletters and other types of marketing materials that are sent en masse via email must include an opt-out or unsubscribe option as a clickable link.
This is usually included in the email footer or signature along with other required information, such as the company’s mailing address and legally registered name.
Here is an example of an unsubscribe email disclaimer:
If you no longer wish to receive emails from (Your Company), click here to Unsubscribe from our mailing list.
This type of email disclaimer is useful for newsletters or in any email in which individual employees are expressing opinions that could potentially be seen as offensive or controversial.
They are intended to protect the company from being sued or from receiving negative attention from the press.
Here is an example of an opinion email disclaimer:
The opinions expressed in this email are the viewpoint of the author only and do not represent (Your Company’s) stance on any issue, whether social or political in nature.
“Legal disclaimer” is an umbrella term that covers most types of email disclaimers designed to help the sender avoid litigation.
They can also be used to inform the recipient that the information in the email does not create a legally binding contract with the company.
For example, legal disclaimers are often used by employers when discussing a job position with a potential candidate.
Here are two examples of a legal email disclaimer.
Example 1:
This email is for informational purposes only and does not constitute an employment offer.
Example 2:
This is not an offer of employment or any other legally binding contract.
To show that your company values ecological responsibility, you may choose to include a disclaimer about conserving resources whenever possible.
Here is an example of an environmentally-conscious email disclaimer:
Save a tree! Please don’t print this email unless absolutely necessary.
HIPAA is a series of laws that regulate how people’s medical information is handled digitally. It is important to reiterate that including a HIPAA email disclaimer is not enough in itself to ensure full compliance with HIPAA.
HIPAA medical disclaimers need to address the following points:
Here is an example of a HIPPA email disclaimer:
This email may contain health information that is protected by law. Although (Your Company) is fully compliant with all regulations for the protection of our patients’ health information, no email is completely secure. We urge you not to include personal data in emails. If this email has reached you by mistake, please delete the email and any attachments at once to avoid legal consequences.
Any email that might reach a resident of the European Union or the European Economic Area should contain a disclaimer.
A GDPR-compliant email disclaimer should include a link to the company’s privacy policy and inform the recipient of some of their rights as a consumer.
Here is an example of a GDPR-compliant email disclaimer:
(Your Company) is proud to be fully compliant with GDPR requirements for protecting our customers’ personal data. View our privacy policy here for more information about how we ensure the security of your health information. If this email has reached you in error, be advised that sharing this information with any third party is strictly forbidden.
As with other types of disclaimers, using email disclaimers helps protect your business.
When used correctly, they can potentially save your company millions of dollars in fines and legal fees. They also help your customers and clients feel secure that your company will protect their data.
Email disclaimers can even be an opportunity to showcase your company’s values and portray a more trustworthy and responsible image.
Failing to use email disclaimers well may result in massive fines for non-compliance with online data protection regulations.
Not including an email disclaimer is a mistake that could leave your company and its management open to being sued.
For example, without a confidentiality disclaimer, someone who receives an email not intended for them may not know what to do and could make the problem worse.
When writing an email disclaimer, clarity is the name of the game. You want to convey the message without unnecessary jargon, or wordiness.
Use enough words to accurately get your point across, but not so many that the meaning of the disclaimer is lost in a block of tiny words that no one is going to read.
Consider how strongly you want to word the disclaimer; do you want to phrase it as a polite request or more of an order?
As always, seeking expert advice is strongly recommended when dealing with anything that might have legal or financial consequences for your company and its representatives.
The current state of the laws regulating the security and privacy of online data is ever-shifting. Keeping your company’s policies up to date benefits your bottom line and your customers.
Email disclaimers are important to ensure all reasonable steps are taken to protect confidential information.
It can also help protect your company from legal penalties. Email disclaimers don’t do any harm, and they keep your legal team happy.
Email disclaimers are essential, but they cannot help your business fully meet legal requirements outlined by data privacy and consumer protection laws.
While having them may help align your site with the various obligations, you’ll need additional resources and tools to actually achieve compliance.
For example, you most likely also need an honest, accurate privacy policy, an updated cookie policy, and some for of a consent management tool or solution.
Think of email disclaimers as one small part that makes up your whole compliance journey.
You can use resources like Termly’s disclaimer generator to help you easily make email disclaimers and more for your business.
Learn more about email disclaimers by reading through the frequently asked questions below.
You can find typically find an example of an email disclaimer in the footer of most emails. Chances are high there are plenty of email disclaimers included in most of the emails in your inbox (especially if they’re marketing ones). What is an example of a disclaimer in an email?
Here is a good example of an email disclaimer that reminds recipients of their right to unsubscribe from recieving the notifications.What is a good email disclaimer example?
“You’re receiving this email because you subscribed to recieve updates from [COMPANY NAME]. If you no longer wish to recieve these emails, you can unsubscribe anytime by clicked this link. [LINK]”
Having an email disclaimer in the footer of marketing emails and other communications you send may help align your processes with applicable laws and regulations.Are email disclaimers legal?
On a similar note, explicit consent to the terms must be obtained by the recipient for an email disclaimer to be considered legally binding.
Hanna De La Garza is a privacy writer at Termly with a Bachelor’s Degree in Journalism from the University of Florida. She creates engaging resources on data privacy, consent management, regulatory updates, and more.
More about the author
Reviewed by Masha Komnenic CIPP/E, CIPM, CIPT, FIP Director of Global Privacy
November 5, 2025
Natasha Piirainen
October 15, 2025
Hanna De La Garza
October 15, 2025
Natasha Piirainen
October 15, 2025
Hanna De La Garza
August 22, 2025
Natasha Piirainen
July 31, 2025
Natasha Piirainen
July 25, 2025
Natasha Piirainen
July 25, 2025
Natasha Piirainen
July 24, 2025
Natasha Piirainen