With just a month to go before GDPR comes into force, I thought it well worth sharing this with you.
There seems to be so much scaremongering around GDPR it reminds me of the so called *Millennium Bug if you remember that. A big frenzy of activity – and then nothing.
Almost everything I’ve read about GDPR bundles B2B with consumer marketing and it shouldn’t as they are two different things.
Yes, much of GDPR applies to businesses, but some important parts do not. Here’s why.
- I need to wait until GDPR is finalised on 25th May 2018 before I consider buying data
No, you don’t. GDPR has already been finalised and the law for nearly 23 months. It comes into direct force on 25th May 2018 when everyone has to comply. Guidance on how to comply has been coming out from the ICO and the Article 29 Working Group on all aspects of the legislation so businesses will know how to implement the changes necessary.
- I need to gain consent for telemarketing campaigns
You do not need to gain consent. You can use legitimate interests for telephone marketing, but you must screen telephone numbers against the Telephone Preference Service and Corporate Telephone Preference Service registers every 28 days. This is the general do not call register, which is set up by PECR. If they are not registered you can call them and if they elect to not be called again by your company you must add them to your own internal do not call list.
- I need to gain consent for email marketing
Not when emailing a corporate business. GDPR will still apply as it covers the processing of personal data in a general sense but email marketing is currently governed by PECR. In a B2B environment, there is an exemption under PECR for employees of corporates, and you can use legitimate interests to send a marketing email to these individuals without their prior consent.
A corporate is defined as a limited company, public limited company, limited liability partnership or government department. When emailing a corporate, you must a) give them the option to easily unsubscribe from receiving further communications, b) the product or service being promoted must be able to be purchased by the recipient in a professional capacity and c) you must identify the sender and provide contact details.
If you want more information about obtaining GDPR compliant B2B data, please drop an email to me here. We are partnered with hold one of the largest compliant databases in the UK.