Direct marketing risk management guide
Produced in partnership with Hamish Corner (Partner) and Katie-Claire Lloyd (Associate) of Penningtons Manches LLP
Direct marketing risk management guide

The following Risk & Compliance practice note produced in partnership with Hamish Corner (Partner) and Katie-Claire Lloyd (Associate) of Penningtons Manches LLP provides comprehensive and up to date legal information covering:

  • Direct marketing risk management guide
  • Top five priorities
  • 1. Consider the application of UK GDPR
  • Establish a lawful basis to justify your marketing
  • Tell people what you are doing with their data
  • Keep evidence of compliance
  • Direct marketing and the UK GDPR—action list
  • 2. Consider the application of PECR 2003
  • Consider the marketing channels you will use
  • Is it solicited or unsolicited marketing?
  • More...

The rules on direct marketing affect almost every organisation in the UK. Deciding whether you can engage in a marketing campaign involves navigating your way through a complex framework of legislation, regulations and voluntary codes of practice. See Practice Note: Direct marketing.

Like most organisations, you are likely to invest substantial time and effort in your marketing activities, but you must also allocate sufficient resources to ensure compliance with the rules. In short, this involves consideration of the following:

  1. data protection and privacy law, eg the UK General Data Protection Regulation (UK GDPR) and Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003)

  2. consumer protection legislation, eg the Consumer Protection from Unfair Trading Regulations 2008 (CPUTs)

  3. codes of practice, eg Code of Non-broadcast Advertising, Sales Promotion and Direct Marketing (CAP) Code and Direct Marketing Association Code (DMA Code)

  4. other advertising and direct marketing law, where relevant. See Practice Note: Advertising law and regulation

Failing to comply with the rules could have serious consequences. As well as exposing your organisation to adverse publicity and reputational damage, you risk regulatory referral by customers and competitors.

This, in turn, could result in action being taken by the Information Commissioner’s Office (ICO), Advertising Standards Authority (ASA), the Direct Marketing Commission and/or the Competition and Markets Authority (CMA), which could mean significant fines, legal action and even criminal prosecution.

Data protection and

Related documents:

Popular documents