Alex is Sprintlaw’s co-founder and principal lawyer. Alex previously worked at a top-tier firm as a lawyer specialising in technology and media contracts, and founded a digital agency which he sold in 2015.
Contents
- What Is BIMI And Why Are Businesses Talking About It?
- How BIMI Actually Works
- BIMI Isn’t One Single Standard Experience
- Do New Zealand Businesses Need A Trade Mark For BIMI?
- Trade Marks Still Matter, Even Beyond BIMI
- BIMI Also Raises The Bar For Email Compliance
- Supporting Documents Worth Checking Before You Roll It Out
- Common Mistakes That Slow BIMI Down
- Key Takeaways
Email trust has never mattered more for New Zealand small businesses. Inboxes are more crowded than ever, scams are increasingly sophisticated, and customers are cautious about who they open emails from and what they click. Even if your business is doing everything right, it’s easier than ever for a legitimate brand to look questionable at a glance.
That’s where BIMI comes in.
If you’ve heard about BIMI (Brand Indicators for Message Identification), you might know it as the system that can show your logo next to your emails in some inboxes. But behind that simple visual cue is a broader trust framework built on authentication, identity, and (sometimes) formal evidence that you have the right to use the logo you’re displaying.
In this guide, we’ll walk through what BIMI is, why it matters for New Zealand small businesses, and the key legal and practical question: do you need a registered trade mark to use it?
What Is BIMI And Why Are Businesses Talking About It?
BIMI is an email standard designed to help recipients quickly recognise legitimate senders by displaying a verified brand logo in supported inboxes. From a customer’s perspective, it’s straightforward: seeing a familiar logo next to an email can make it feel more trustworthy.
From a business perspective, BIMI is often discussed as a branding win, but it’s also a security signal. It is designed to sit on top of strong email authentication, which helps reduce impersonation and phishing attempts that rely on spoofed domains.
How BIMI Actually Works
BIMI isn’t something you “switch on” in isolation. It depends on your email domain already being set up in a way that mailbox providers consider trustworthy.
At a high level, BIMI usually involves three layers. First, your domain needs strong email authentication, including DMARC, so mailbox providers can validate that your messages are genuinely coming from you. Second, you need a BIMI-compliant logo file in the right format, hosted in a way mailbox providers can fetch securely. Third, depending on the mailbox provider, you may need a form of verified “evidence” tying your brand identity to the logo.
It’s that third layer that causes most confusion, especially around trade marks.
BIMI Isn’t One Single Standard Experience
A common misconception is that BIMI is either “on” or “off”. In reality, logo display depends heavily on which inbox provider your customers use, because different providers require different levels of evidence before they’ll show a logo.
In practice, there are a few common pathways. Some providers may display a logo based on a self-asserted BIMI record (meaning you publish BIMI with your logo, without a mark certificate). Other providers place more weight on certificate-based evidence. And some providers (notably Gmail) require certificate-based BIMI for the logo to display.
This is why the most useful question isn’t “Can I publish BIMI?”, but “What do the inboxes my customers use require?”
Do New Zealand Businesses Need A Trade Mark For BIMI?
Sometimes, but not always.
A registered trade mark becomes important if you want a Verified Mark Certificate (VMC). A VMC is designed to verify that the logo is a registered trade mark and that your organisation is entitled to use it. If your goal is the highest level of verification (and in some ecosystems, additional trust indicators), a VMC is the pathway that typically requires a registered trade mark.
However, a registered trade mark is not universally required for BIMI in all forms. Gmail now supports Common Mark Certificates (CMCs), which are designed for organisations that don’t have the registered trade mark required for a VMC. Under that approach, your logo can still display in Gmail, but without the Gmail verified checkmark that’s associated with VMC-based verification.
For New Zealand small businesses, the practical takeaway usually looks like this. If a large portion of your audience is on Gmail, you should expect certificate-based BIMI to be part of your plan (VMC or CMC). If you already have a registered logo trade mark (or you’re prepared to register one), a VMC may be a strong long-term option. If you don’t have a registered logo trade mark, a CMC may be the more realistic path to getting your logo to appear in Gmail, while you decide whether trade mark registration is worthwhile for your business.
Trade Marks Still Matter, Even Beyond BIMI
Even when a trade mark isn’t strictly required for your preferred BIMI pathway, it often becomes more important once your brand is more visible in inboxes. If BIMI increases recognition, it can also increase the likelihood of copycats, confusingly similar branding, or disputes. That’s where trade mark strategy and trade mark scope (including appropriate classes) become a business-protection issue, not just a BIMI setup issue.
In New Zealand, trade marks are handled through IPONZ, and trade mark registration is a separate legal step from registering a business name. A business name registration helps you trade under a name; a trade mark helps you stop others from using a brand identifier in protected categories.
BIMI Also Raises The Bar For Email Compliance
BIMI can strengthen trust, but it can also make non-compliance more obvious. Once you’re presenting a verified brand identity at the inbox level, customers will reasonably expect your emails to be legitimate and compliant.
For New Zealand businesses sending marketing emails, that means being especially careful about the usual basics: sending with consent, clearly identifying the sender, and including a working unsubscribe mechanism. BIMI doesn’t replace these obligations. If anything, it amplifies the reputational impact of getting them wrong.
Supporting Documents Worth Checking Before You Roll It Out
Before turning on BIMI, it’s a good time to review whether your customer-facing email setup matches the trust signal you’re trying to earn. Depending on how you run your campaigns, that may include confirming your Privacy Policy reflects your email marketing data practices, ensuring your unsubscribe process is reliable, and making sure staff or contractors who send campaigns follow an approval process that reduces mistakes.
Common Mistakes That Slow BIMI Down
Most BIMI delays don’t come from the logo itself; they come from assumptions. Businesses often assume BIMI is purely technical, when it can also involve certificate evidence. Others assume a business name registration is the same as a trade mark, or they try to set up BIMI before DMARC is actually enforced. Another common issue is expecting the logo to appear everywhere immediately, when display depends on each mailbox provider’s rules and rollout.
Key Takeaways
BIMI can display your logo next to emails in supported inboxes, but it’s built on authentication and trust evidence, not just branding. New Zealand businesses don’t always need a registered trade mark to use BIMI, but a trade mark is typically required if you want a VMC. If you don’t have a registered logo trade mark, a CMC may still allow your logo to display in Gmail. Finally, because BIMI increases visibility and perceived legitimacy, it’s worth tightening email compliance and key supporting policies before you roll it out.
If you’re considering BIMI and want to make sure your trade marks, brand assets and email communications are legally sound, you can reach us at 0800 002 184 or team@sprintlaw.co.nz for a free, no-obligations chat.
Alex SoloCo-Founder
