The web is accessible from anywhere in the world. This means that your subscribers and page viewers may be based in the European Union. As of May 2018, the General Data Protection Regulation (GDPR) applies across all EU member states. This means that the following now applies when sending newsletters: The recipient has to consent to the processing of their personal data and the processing needs to be legally compliant. In addition, you must be able to provide information at any time about how a subscriber’s personal data such as an email address is stored and used.
However, the GDPR doesn’t stipulate that consent must take the form of a double opt-in procedure. If you don’t issue a confirmation email to consent to a newsletter subscription, you’re technically not in violation of the GDPR. However, since the regulations stipulate that you must be able prove at any time that a user has agreed to receive your newsletter, you can use double opt-in as a proof of this requirement.