Read also: Your newsletter tracks who opens it — now CNIL requires consent
Most people who send newsletters open the dashboard afterward and check the numbers. Who opened? Who clicked? How many unsubscribed? It feels like regular marketing work.
But what happens behind the numbers is a tracking pixel—an invisible image embedded in the email—that reports back to the server every time someone opens it. The tool records the time, device, operating system, and in some cases, approximate location.
CNIL's recommendation from April 2026 makes it clear — this is not just statistics. It is individual tracking of identifiable persons. And it requires either prior consent or that you limit the tracking to aggregated numbers without a link to individuals.
Your privacy policy should already be telling people about this. Is it?
**Practical point:**
Go into the newsletter tool and check two things. First, can you turn off individual open tracking and only keep aggregate numbers? Some tools offer this. Second, does your privacy policy mention that the newsletter uses a tracking pixel? If not, add it.
Inspired by: CNIL