Compliance
Beyond GDPR
While GDPR hit the headlines in 2018 and raised consciousness of the legal requirements for the handling of personal data in Europe, it's not the only law that applies to handing of data. While this is not intended as a comprehensive guide to data legislation across the globe, key regulations that apply to marketing data sets are summarised here.
Geographically distributed data may be subjected to legislation outside of the UK / EU and the equivalent local legislation needs consideration.
We've prepared a Compliance Checklist covering the requirements of the legislation highlighted below. To download a copy click on the "Compliance Checklist" button below.
View our practical GDPR Compliance Checklist to ensure you meet the requirements
Data Protection Act
Following the GDPR update to the Data Protection Act in the UK, the Information Commissioner's Office published a handy self-assessment tool to enable companies to determine their compliance with the regulations. Don't worry, the result of your self-assessment will not be used against you. It simply summarises your compliance status in a very helpful "traffic light" report with required remedial actions.
ePrivacy Directive (PECR)
Applying to email, telephone and web-based communications (not post), the Privacy and Electronic Communications Regulations was first released in 2003, updated in 2011 and was due a further update in 2019 to bring it into line with GDPR. This update is in limbo following the rejection of the proposed changes. PECR and GDPR work side-by-side on electronic communications using personal data - GDPR relates to the processing of personal data, while the PECR relate specifically to electronic marketing.
Preference Services
Individuals can register with any of the following preference services and in doing so, restrict marketing contact through the medium. These services must be consulted before using an individual's data for marketing purposes
In addition all web browsers support a "Do Not Track" tag enabling users to opt-out of tracking. This is not a mandatory preference service but is considered best practice.
Additional data management regulations apply to Payment Services and Public Sector organisations.
View our practical GDPR Compliance Checklist to ensure you meet the requirements.