The information that follows is for advice and does not constitute legal advice , if you are in any doubt about your compliance or how you work then please seek legal advice.
There are 2 laws you have to be aware of when sending out marketing material, the Data Protection Act and the Privacy and Electronic Communications Regualtions.
The Data Protection Act
Any one who processes personal information must comply with eight principals to make sure that personal information is:
- Fairly and lawfully processed
- Processes for limited purposes
- Adequate, relevant and not excessive
- Accurate and up to date
- Not kept for longer than is necessary
- Processed in line with your rights
- Not Transferred to other countries without adequate protection.
Full details of the eight principals are found at the ICO
The DPA requires any organisation from large corporations to sole traders need to register if they are processing personal information. Not sure if you need to register then there is a quick online self assessment which you can take to see if you have to register. Online Self Assessment
Privacy and Electronic Communications Regulations PECR
If you wish to contact your existing customers or market to potential customers ten you will need to comply with the following regulations which changed on 26th May 2011
The Privacy and Electronic Communications Regulations apply to you if you send marketing and advertising material by electronic means such as telephone, fax, email, texts and an automated calling systems.
New Rules on Cookies
A cookie also known as a web cookie or browser cookie is a bit of data that a website puts on your computer for future reference. So when you go back to that website the site already knows a bit about you such as your browsing habits, when you last came to site. Cookies them selves cannot contain viruses or install malware and are traditionally used to make your experience with the website more pleasurable and more tailored to you.
For full cookie information and compliance see the following
The Data Protection Act applies to you if you are processing personal data i.e. if you know the name of that person, if you do not know their name then Data Protection does not apply however if after you call you know their name then the DPA applies.
Solicited and Unsolicited
A Solicited message is a message that your customers have actively invited or signed up for, an unsolicited message is one where they have not actively invited but do not object to receiving. However they must have opted in at some point to receiving messages from you and you must have proof of this.
An individual must knowingly give consent to hear from you read more...
Opting in and opting Out
The method by which you obtain consent may vary but in all cases people you contact must be aware that they are consenting and what exactly they are consenting too.. Not clear then see more...