As a DMA member (Direct Marketing Association) we have to ensure all of our consumer and business data we hold in house and our partners we work with, who provide us with their prospect marketing lists, adhere to certain legislation’s in order to keep our DMA membership. Below are two of the key regulations we obey:
The Data Protection Act 1998, any business within the UK who handles or collects consumer data has to, by law, company with the below key point:
- Protect the right of the consumer
- Any data collected in sourced fairly and lawfully
- All data is kept accurate and up to date
Further information on the DPA can be found here.
As part of the EU and DMA we also have to abide by the legislation’s set out in The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). This relates to any electronic direct marketing communications carried out to consumer data including:
- Email and SMS marketing
- Telemarketing
- Viral marketing
- Fax marketing
- Automated calls
The basic outline of the PECR is any electronic direct marketing must comply with this particular set of rules, even if you don’t know the individual’s name. However, as soon as you find out the consumer’s name you then also have to adhere to the Data Protection Act.
For more information on the current PECR click here.
Why have we bought this up?
There is change on the horizon and it will affect any business using or handling personal consumer data within the EU. Although no need to panic – you still have to time to get your data and process in order to comply!
The European Commission is planning to combine data protection to a single law – the General Data Protection Regulation (GDPR) which is planning to come into force 2017/2018.
What does this mean for your business?
The new regulation came about due to globalisation and technological developments such as social media and cloud computing, which were not covered by the DPA or PECR. This will now be covered and extended to all foreign companies using, processing or storing EU resident’s data.
The final details are yet to be confirmed by the European Parliament, European Commission and the Council of Ministers, however the sanctions have already been announced of fines up to €1M or 2% of annual worldwide turnover.
Next steps
Most importantly if your business collects, stores or processes consumer data there will be a list of regulations your business has to abide by such as:
- A clear privacy policy with proof of valid consent
- Ability to provide copies of personal data
Capacity to delete personal data if required to (right to be forgotten)
As the GDPR has not yet been finalised we highly recommend your policies, procedures and technological capabilities are tested to ensure they will be able to comply with the new regulations when they are enforced.
Check your data at the same time
Use our FREE data audit to find out if any of your customers have moved house or changed their telephone number. We will verify your customer database against a range of checks so you can discover how much of your data needs updating all for FREE.
Clean up your customer database with our free data audit today by calling the team on 0845 345 7755.
