Data protection and direct marketing


Barry Riley

Barry Riley

Collecting customer date for marketing purposes:

Generally, you can only go about collecting the information of your customers if you have a good reason for doing so (i.e. if you want to market new products to them, for example).

However, you must ensure that you are transparent with your intentions, and you must make sure that your customers are aware that you will be collecting their data for this purpose. The most effective way to do this is by issuing a fair processing notice (FPN). This is a notice given to an individual which explains what you will use their personal date for. If your business has a website, and intends to collect data using it, the website should include a prominent privacy statement with a FPN. Most websites will utilise a legally drafted Privacy Policy, where this will be covered.

Ensure that you always take legal advice if your business is planning to collect bank or credit card details, as there are security implications.

Storing data:

Security is an absolute must, when you are storing personal data of others. The information you hold must be kept secure at all times, without exception. Regularly reviewing databases will ensure that the data you hold is up to date and accurate.

It is important that you only store data for the purpose it is collected, and only for as long as it is required. The length of time that you store data for should not be excessive, but be a timeframe that could be thought of as “reasonable” when considering the purposes for which it was collected.

Opting In/Opting Out:

You must ensure that people are always given the opportunity to opt in or out of receiving marketing from your business. You should make this as simple as possible (i.e. by the use of an “unsubscribe” link in an e-mail).

Always retain details of any opt-out requests, so that individuals who have opted out are not contacted in the future. It is generally not acceptable to include pre-ticked opt-in boxes or to rely on customer silence as an indication to opt-in either.  Usually, a positive action is required from the customer.

For advice on data protection, and to ensure that you are compliant with the requirements under the Data Protection Act 1998, contact Barry Riley on 0117 9453 042 or



Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s