So, what is all the fuss about marketing with the new UK data protection legislation and why is B2B and B2C contact different? Big question with a myriad of answers – but here’s my view of some important things to remember.
B2B and B2C
B2B (business to business) and B2C (business to customer) are effectively the same thing, but the underlying principle of utilising personal data is the key.
Businesses that use generic email addresses like info@, enquiries@, admin@, or even hello@ do not have any personal information in them, so are not bound by the 2018 UK data protection legislation. They are still bound by the restriction of the PECR (Privacy and Electronic Communications Regulation). While this legislation was bought in to force in 2003, there have been constant revisions, the most recent being in 2019 relating to the marketing of pension schemes.
Marketing to customers, or individuals, will predominantly have an identifiable link to someone’s identity and are therefore more highly scrutinised. Marketing to customers, or individuals, must have consent. As a business you are within your rights to refuse access to your services as you may view marketing as essential for the relationship to continue, but that will have to be evidenced. Don’t forget the “unsubscribe” option on marketing material as this is now essential. One of the rights an individual has is the right of erasure (commonly called the right to be forgotten) from your process. This can be in whole, or in part, but you have to action that request within one month to remain compliant of the 2018 UK data protection legislation.
Unlawful use of marketing is most often linked to data sharing. An individual might ask “Why has this company got my data and what can I do about stopping its use?” As individuals, or as organisations, an application can be made to the Telephone Preference Service (TPS) which makes any direct contact, over the telephone, with a marketing message illegal. Even if you are a sole trader you have to make sure you will not be caught out by this.
Cold calling is not dead, which was the original cry when the new regulations were first circulated during 2016. The data regulations did make certain activities illegal, but again this was due to the regulation closing the loopholes to certain practices that now forms a framework of protection using other legislation, like the PECR.
As mentioned above utilising the TPS is a sure way to limit the number of telephone calls you would receive as an individual. Until all of the unscrupulous organisations are identified and either put out of business or have their practices changed the receipt of what are deem nuisance calls will not die out altogether. Again, the PECR also has legislation to support the frameworks laid out in the 2018 UK data protection legislation.
If your organisation also only wants to receive marketing that you have consented to registration with the TPS works for you too. Sometimes reporting unwelcome telephone calls is routed through Action Fraud rather than the ICO.
First things first, recognise the difference between communication and marketing. Communication is a distribution of fact, for example a statement of account from a supplier showing how many of your orders still haven’t been paid. Adding links to “special offers” to that statement is marketing.
Electronic marketing is, again, covered by the PECR and includes text messages as well as emails. What is being looked at, as I write this blog, is the use of personal information embedded in social media sites to drive marketing campaigns. Targeting individuals who live in the right area, are of the right age, etc. are used so that organisations find likely targets for their products. These are things we often input as it helps our friends, and/or family, to find us on the platforms and keep up to date with their personal lives. The questions that is trying to be answered is “Why can someone – who I don’t know – use my information to direct their goods and services at me”. We await the outcome.
Marketing Issues and the Individual
If you want to contact the ICO, as an individual, call the ICO on 0303 123 1113, or log onto their website, ico.org.uk, to make a complaint about how you feel your data is being mis-used. Don’t forget to use the TPS, it’s free and can remove a lot of hassle for you.
There is so much more information available, some of it very detailed. Please look through the other blogs and see if the information you want is provided. If not, we would be pleased to answer your enquiry through firstname.lastname@example.org.