Get Free Downloads
Start your GDPR today in just a few clicks
Get Free Downloads
Start your GDPR today in just a few clicks

Important GDPR Info

by Adam Brogden
in Blog

22-Nov-2018 09:49

The Privacy and Electronic Communications Regulations (PECR) are related to sending emails and SMS. These run along side GDPR and have been used many times by the ICO to issue fines and enforcement notices.

PECR has just been amended to enable the ICO to impose a monetary penalty on an officer of a corporate body in addition to the body itself, where a breach occurs of regulations 19-24 as a result of action, or inaction, by that officer in the UK. The Regulations will come into force on 17 December 2018.

The most common cause of complaint is that the company sending the emails or SMS did not have consent to do so. To avoid these penalties make sure that you have a cast iron lawful basis for sending marketing emails and text messages including:

  1. Where, when and how you captured the consent

  2. The actual privacy policy that was in place at the time you collected the consent and proof that the person has access to the policy

  3. The warning/instructions/information on the page at the time you collected the consent [yes, really. Ideally you should have a copy of the screen that was displayed]

  4. Evidence that you have allowed the person to opt-out every time you send a message.

  5. Using soft opt-ins is dicing with death. Be very careful if you are using this as your lawful basis

This is a very much simplified version of what PECR means to marketing companies. Please feel free to call if you want to discuss.

This is important! I have come across many people that have fallen foul of PECR.

Good luck all.