Fortunately for the recipient, and unfortunately for the sender, businesses cannot just send marketing emails to anyone whenever they want. In order to be compliant with laws, you should receive prior permission, known as an opt-in. This could be someone signing up for a newsletter on your website, through something like a pop-up or as part of ordering a product. If you want to be extra safe, you should double opt-in, which asks users to confirm their subscription to your email list.
Technically, it is a little more complicated than that. In the United States, the CAN-SPAM Act does permit marketing emails to be sent to anyone without prior permission, so long as there is the option to opt out of receiving the emails, and the sender ceases sending those emails once receiving the opt-out request. In Europe, the recipient must have given prior consent by opting in directly. With certain exceptions, Canada has the same rules as Europe.
No matter where you’re sending from or to, you need to include opt-out instructions on every email, usually done through an “unsubscribe” link.
Other information must be included as well, most notably a physical postal address (including a PO Box in the United States). Senders also cannot obscure the sender identity or use an overly misleading subject line.
Not only are these laws, but they are good business practices regardless, and help show your email list that you are transparent and honest.