On 13 November 2025, the European Court of Justice (“ECJ”) handed down its Inteligo Media judgment (C‑654/23), a closely watched decision on email marketing under the ePrivacy Directive (“ePD”). 

In short, the judgment consolidates the “soft opt‑in” under Article 13(2) ePD (in Germany: § 7(3) UWG) as a workable path for customer‑relationship email marketing in freemium and registration contexts - without a separate legal basis under Art. 6 GDPR. For companies, the ruling both simplifies the legal test for certain B2C emails and sharpens the operational conditions for compliant newsletter programs. 

Facts of the case and legal questions raised

Inteligo Media operates an online news portal where users, upon registering, receive a free account with limited article access and a daily newsletter sent by email. The email addresses were collected during this registration and then used to send individualized newsletters. The newsletters contained editorial content but functionally aimed at directing users to paid offerings (access to additional article, but in particular a full subscription). 

The dispute turned on whether such emails constitute “direct marketing” and whether using the address collected during registration occurred “in connection with a sale,” so that the soft opt‑in under Article 13(2) ePD would apply. It was also at issue whether an additional legal basis under Art. 6 GDPR was required for sending the emails, or whether the ePD rules are lex specialis and thus conclusive in this respect.

Summary of the ECJ’s findings

A broad concept of “direct marketing”: The ECJ confirms that emails qualify as “for the purposes of direct marketing” when they pursue a commercial objective and address recipients individually. Editorial or informational content does not strip an email of its marketing nature if the functional aim is to promote paid offerings, e.g., nudging users from free access limits to a paid subscription. This aligns with the ECJ’s earlier approach to inbox‑level communications. 

“Sale” includes indirectly remunerated freemium models: For the Article 13(2) ePD exception, the Court interprets “in connection with the sale of a product or service” broadly. Creating a free account that grants limited content and a free newsletter can constitute a “sale” where the free elements are embedded in a business model designed to drive paid subscriptions and their costs are economically priced into the paid service. Indirect remuneration suffices. 

ePD as lex specialis to the GDPR: Where Article 13(2) ePD governs direct marketing emails, its specific conditions are exhaustive. A separate legal basis under Art. 6 GDPR is not needed. That said, general GDPR obligations still apply to the surrounding processing (e.g., transparency, data minimisation, security, accountability). Where Art. 13(2) ePD applies, Data Protection Authorities (“DPAs”) are not competent to issue sanctions, however DPAs remain competent for independent GDPR issues (e.g., transparency, security). Unfair‑competition enforcement continues via civil routes. 

Broader legal context

The ruling is an evolution rather than a revolution. National case law and practice had already moved toward allowing soft opt‑in for freemium and registration journeys, provided the legal requirement (similar products/services; clear notice at collection; easy, free opt‑out at collection and in every consecutive email) were met. 

The explicit lex specialis holding closes the door on “dual‑track” justifications (ePD plus Art. 6 GDPR) for sending marketing emails to existing customers. The judgment leads to operational simplification for marketing teams and clearer lines for legal review. 

At the same time, it is unclear how far the “sale” concept stretches to registrations on fully free, non‑commercial platforms; economic embedding and promotional intent still matter.

Consent scenarios under Article 13(1) ePD were not squarely decided; the extent of any future lex specialis reading in pure consent cases is a developing point to watch.

Overall, the judgment creates clarity on the soft opt‑in baseline, paired with unresolved edges that call for careful implementation. 

Practical implications for companies

To use the soft opt-in lawfully:

• Verify similarity of promoted products/services.
• Limit marketing emails to your own offerings.
• Document freemium journeys showing economic link to paid services.
• Provide clear notice and easy opt-out at collection of the email address and in every consecutive email.
• Maintain GDPR hygiene: update privacy notices, apply data minimisation, and keep records of reliance on the ePD exception.
• Review editorial-style campaigns to confirm commercial purpose and compliance.