Privacy and data protection in direct marketing
Electronic, email and telephone marketing regulations
There are different rules governing the various methods of marketing.
The rules covering electronic mail marketing apply to any message that consists of text, voice, sound or images, eg email, voicemail, SMS and messaging apps.
You can only carry out marketing by electronic mail if the individual you are sending the message to has given you their consent.
There is an exception to this rule, known as the 'soft opt-in' that applies where:
- You have obtained the individual's details in the course of a previous sale or the negotiations for a previous sale of a product or service to that person.
- The individual did not opt out of marketing messages. (The opt-out option should allow the individual to reply directly to the message. In the case of text messages, an individual could opt out by sending a stop message to a short code number, for example, text 'STOP' to 12345. The only cost should be the cost of sending the message.)
- Individuals can opt out of receiving marketing at any time and you must comply with any opt-out requests promptly.
- The future messages are only marketing your similar products or services. On this basis, there is the assumption that individuals are probably happy to receive marketing from you about similar products or services even if they haven't specifically consented.
- The soft opt-in rule does not apply to prospective customers, new contacts (e.g. from bought-in lists) and non-commercial promotions (e.g. charity fundraising or political campaigning).
For more advice on the rules when sending promotional emails, see email marketing.
Email marketing to organisations
If you are sending marketing to organisations, you don't have to have their consent but you must include the name of your business in the email and provide a valid address where opt-out requests can be sent. However, if you have an email address which is 'personal data', for example firstname.lastname@example.org, the individual employees of that organisation still have the right to prevent that email address being used for direct marketing.
You can't make unsolicited telephone calls to an individual or organisation who has told you they do not want your calls, or has registered with the Telephone Preference Service (TPS). To comply with PECR organisations should screen the list of numbers they intend to call against the TPS register.
The same rules apply to marketing calls made to businesses. Sole traders and partnerships may register their numbers with the TPS in the same way as individual consumers, while companies and other corporate bodies register with the Corporate Telephone Preference Service (CTPS). So organisations making business-to-business marketing calls will need to screen against both the TPS and CTPS registers.
You cannot make automated calls (pre-recorded phone messages) without getting the individual or organisation's specific consent first.
Organisations cannot send marketing faxes to individuals (including sole traders and some partnerships) unless they have agreed to receive them and provided their specific consent.
You can send marketing faxes to companies (or other corporate bodies) without consent, but you can't send faxes to those who have registered their number on the Fax Preference Service (FPS) unless they have specifically said that they do not object to those faxes.
Again, to comply with PECR, you will need to screen the list of numbers that you intend to fax against the FPS register.