Free tool
Free PDPA compliance checker for cold emails
Paste your cold email and get an instant check against Singapore's PDPA and Spam Control Act requirements: opt-out, sender identification, labelling, and subject line rules. Free, and it runs entirely in your browser.
What this checks, and what it can't
The checker applies rule-based tests drawn from the Spam Control Act 2007 and the PDPA: a working opt-out, accurate sender identification, contact details, an honest subject line, and guidance on the <ADV> label, data sourcing, and the DNC Registry. It catches the failures that trigger most complaints.
What it cannot do is judge context. It cannot tell whether your list was lawfully sourced, whether your volume crosses the Act's bulk thresholds, or whether a particular recipient's address is business contact information under the PDPA. Treat the result as a hygiene pass, not a legal opinion. For the full picture, read our PDPA cold email guide and Spam Control Act guide.
The five requirements, briefly
1. A working opt-out
Every bulk message needs a clear, free way to say stop, kept working for at least 30 days after sending, with requests honoured within 10 business days. A simple reply-to-unsubscribe line satisfies it.
2. Accurate sender identification
No false or misleading information about who is sending. Real name, real company, real domain, in the from-line and the signature.
3. Contact details
The Second Schedule expects the recipient to have a genuine route back to you beyond the from address: a phone number, an office address, or a clearly stated contact line.
4. An honest subject line
A title that would mislead the recipient about the content breaches the Act. Fake "Re:" threads, invoice bait, and free-money hooks are exactly the behaviour the statute describes.
5. <ADV> labelling for bulk sends
Unsolicited commercial messages sent in bulk must start the subject with <ADV>. Whether your programme crosses the bulk thresholds is the question to answer honestly before skipping the label.
Common failures
- No opt-out line at all, on the theory that personalised mail does not need one. Once your volume crosses the bulk thresholds, it does.
- A bare first name in the sign-off with no company, so the recipient cannot tell who is actually writing.
- Subject lines that fake familiarity: "Re: our chat" on a first touch is misleading header behaviour, not clever copy.
- Bought or scraped lists. Both the PDPA and the Spam Control Act specifically target harvested addresses and dictionary attacks.
- Asking prospects to call or text without checking Singapore numbers against the DNC Registry first.
Fix it once with built-in compliance
HuntSales adds a one-click unsubscribe link to every campaign send, writes opt-outs to a permanent suppression list, and checks that list automatically before every email leaves your mailbox.
See outreach featuresFrequently asked
Is cold email legal in Singapore?
Yes, B2B cold email is legal when done properly. The PDPA's business contact information exception means consent is not required to email someone at their corporate address about matters relevant to their role. The Spam Control Act then sets the rules for the message itself: accurate sender details, an honest subject line, and a working unsubscribe facility.
Do I need consent to email a work email address?
Generally no. A business email address, together with the person's name and title, is business contact information under section 2(1) of the PDPA, and the consent obligations do not apply to it. This assumes the details were not provided solely for personal purposes and your message relates to the recipient's business capacity. Personal Gmail addresses do not get this exemption.
Do I have to label my cold email with <ADV>?
The Spam Control Act requires unsolicited commercial messages sent in bulk to carry the <ADV> label at the start of the subject. Bulk means over 100 similar messages in 24 hours, 1,000 in 30 days, or 10,000 in a year. Genuinely one-to-one, personalised B2B mail typically sits below those thresholds; templated sequences at volume usually do not.
How quickly must I honour an unsubscribe request?
Within 10 business days under the Spam Control Act, and the unsubscribe route must stay working for at least 30 days after each send. In practice, suppress instantly: the statutory window exists for slow manual processes, not to squeeze in extra follow-ups.
Does this tool store my email or give legal advice?
Neither. The checker runs entirely in your browser; nothing you paste is sent to a server. It applies rule-based checks drawn from the PDPA and the Spam Control Act, but it is guidance for sales operators, not legal advice. For edge cases, speak to a lawyer.