Processing personal data—direct marketing
Processing personal data—direct marketing

The following Risk & Compliance practice note provides comprehensive and up to date legal information covering:

  • Processing personal data—direct marketing
  • What is direct marketing?
  • Regulatory regime
  • GDPR
  • PECR 2003—unsolicited telephone, fax and electronic marketing
  • PECR 2003—solicited marketing and market research
  • Other applicable regulations and codes
  • Failing to comply
  • Postal and other non-electronic marketing
  • Lawful grounds for processing under the GDPR
  • More...

IP COMPLETION DAY: 11pm (GMT) on 31 December 2020 marks the end of the Brexit transition/implementation period entered into following the UK’s withdrawal from the EU. At this point in time (referred to in UK law as ‘IP completion day’), key transitional arrangements come to an end and significant changes begin to take effect across the UK’s legal regime. This document contains guidance on subjects impacted by these changes. Before continuing your research, see Practice Note: What does IP day mean for Risk & Compliance?

This document reflects the UK GDPR regime. References and links to the GDPR refer to the UK GDPR (Retained Regulation (EU) 2016/679) unless expressly stated otherwise.

This Practice Note sets out the compliance implications of the General Data Protection Regulation (GDPR) on direct marketing. It also reflects the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR 2003), SI 2003/2426. The main challenge with direct marketing is piecing together what is permitted under the GDPR and PECR 2003. This will vary depending on your marketing activity and target audience.

PECR 2003 is due to be replaced by an EU ePrivacy Regulation, but the timing for implementation is unclear. The impact of the ePrivacy Regulation is explained below at Proposed ePrivacy Regulation.

For a quick guide of whether your proposed marketing activities require consent, see:

  1. Direct marketing decision tree—email and other electronic marketing—data protection

Popular documents