I thought I’d share some useful links on GDPR in marketing from the Information Commissioner’s Office. These don’t necessarily provide succinct, clear advice, but offer some guidance until the regulations become clearer. I’m not a GDPR expert, but hope these links might be useful if you haven’t already reviewed them.
They should be reviewed if you are undertaking any outbound email marketing activities…
Overall guidance on Marketing from the ICO:
See link: https://ico.org.uk/for-organisations/marketing/
The points do say “these rules don’t apply to emails sent to organisations”, however if you are emailing a firstname.lastname email address at a business, then GDPR is still applicable:
Copied from the ICO website:
“Electronic mail marketing
The most important thing to remember is that you can only carry out unsolicited electronic marketing if the person you’re targeting has given you their permission.
However, there is an exception to this rule. Known as the ‘soft opt-in’ it applies if the following conditions are met;
- where you’ve obtained a person’s details in the course of a sale or negotiations for a sale of a product or service;
- where the messages are only marketing similar products or services; and
- where the person is given a simple opportunity to refuse marketing when their details are collected, and if they don’t opt out at this point, are given a simple way to do so in future messages.
When you send an electronic marketing message, you must tell the recipient who you are and provide a valid contact address.
The rules on emails don’t apply to emails sent to organisations, though you must still identify yourself and provide an address.”
Messaging on Social Media
See link: https://ico.org.uk/for-organisations/guide-to-pecr/electronic-and-telephone-marketing/electronic-mail-marketing/
“What about online marketing and behavioural advertising?
If you are marketing using direct messaging via social media, the electronic mail marketing rules apply.”
Some of the points suggest that existing customers who have purchased from you can be emailed with marketing messages even if they’ve not opted in to a mailing list. (See link: https://ico.org.uk/for-organisations/guide-to-pecr/electronic-and-telephone-marketing/electronic-mail-marketing/)
What is a ‘soft opt-in’?
The term ‘soft opt-in’ is sometimes used to describe the rule about existing customers. The idea is that if an individual bought something from you recently, gave you their details, and did not opt out of marketing messages, they are probably happy to receive marketing from you about similar products or services even if they haven’t specifically consented. However, you must have given them a clear chance to opt out – both when you first collected their details, and in every message you send.
The soft opt-in rule means you may be able to email or text your own customers, but it does not apply to prospective customers or new contacts (eg from bought-in lists).
Rule on marketing in a Business to Business setting
See link: https://ico.org.uk/for-organisations/marketing/the-rules-around-business-to-business-marketing-the-gdpr-and-pecr/
Copied from the ICO website:
What are the rules on marketing emails or texts?
Sole traders and some partnerships are treated as individuals so you can only email or text them if they have specifically consented, or if they bought a similar product from you in the past and didn’t opt out from marketing messages when you gave them that chance. You must include an opt-out or unsubscribe option in the message.
You can email or text any corporate body (a company, Scottish partnership, limited liability partnership or government body). However, it is good practice, and good business sense, to keep a ‘do not email or text’ list of any businesses that object or opt out, and screen any new marketing lists against that.
You may also need to consider the GDPR if you are emailing employees at a corporate body who have personal corporate email addresses (eg email@example.com).
Direct Marketing Guidance PDF from the ICO
Direct Marketing Checklist from the ICO
If you have any useful links relating to GDPR for marketing, especially on the B2B side, then let me know and I can add in.
Be mindful that Flybe and Honda received fines/action from the ICO for sending out mass emails to customers asking if they wanted to update their email marketing preferences… (See the Honda action note here).
[gravityform id=”2″ title=”false” description=”false” ajax=”true”]