Marketing For GDPR - The Key Points
Since the GDPR was first drafted there has been much discussion (and no shortage of confusion) about how the new regulations would affect how businesses are permitted to market to their respective customer base.
Hopefully those involved in marketing will find the key points below useful when reviewing their current procedures and considering what changes they need to make before the 25th of May this year.
Although the new regulations state that direct marketing is a legitimate use of a data subject’s personal information, businesses must also be aware that data protection law must be strictly adhered to when marketing to individuals – particularly via electronic and postal marketing
So, if your business currently relies on viral marketing of any kind (including unsolicited emails, text messages or post) you must comply with the new regulations.
- Businesses can only carry out unsolicited electronic marketing if the recipient has given clear consent;
This is the overarching principle, however there is an exception, known as the “soft opt-in” rule – this applies when:
- A data subject’s details were obtained in the course of a sale or negotiations for a sale of a product or service;
- Where the messages are only marketing similar products or services; and
- Where the data subject is given a simple opportunity to refuse marketing when their details are collected, and if they do not opt out at this point, are given a simple way to do so in all future messages.
Remember – when sending electronic marketing messages you must tell the recipient who you are and provide valid contact details for your organisation.
The rules for emails do not apply to those sent to organisations – though you must still identify yourself and provide contact details.
- As with electronic marketing, if a recipient asks to be removed from your mailing list, you must comply with the request – without exception.
To summarise, it is recommended that, going forward, businesses ensure that all targeted marketing campaigns are permission-based as a rule and data subjects are provided with clear explanations as to what their details will be used for, who to contact should they wish to make a complaint and a simple way for them to opt out at any time.
In the meantime, feel free to contact myself or our Corporate Team if you have any queries or concerns regarding your business’s obligations under the new legislation.