GDPR Recommend a Friend Question
Discussion
We promote a 'Recommend a Friend' scheme at work, where if a customer gives our details to one of their friends, family, colleagues etc who then takes out business with us, we give them both a thank you cash reward.
We are thinking of changing the emphasis around communication on this, where we ask the original customer to actually give us the contact number and email of their friend, family, colleague etc and we then get in touch with that recommended person directly.
Are we able to do this under GDPR regulations? Would it differ between a B2C and a B2B customer?
We are thinking of changing the emphasis around communication on this, where we ask the original customer to actually give us the contact number and email of their friend, family, colleague etc and we then get in touch with that recommended person directly.
Are we able to do this under GDPR regulations? Would it differ between a B2C and a B2B customer?
Because of Brexit, GDPR is no longer valid in the UK. However, as part of our abolition of EU bureaucracy, we have created our own version of GDPR which replaces the original GDPR rules -
Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
warp9 said:
We promote a 'Recommend a Friend' scheme at work, where if a customer gives our details to one of their friends, family, colleagues etc who then takes out business with us, we give them both a thank you cash reward.
We are thinking of changing the emphasis around communication on this, where we ask the original customer to actually give us the contact number and email of their friend, family, colleague etc and we then get in touch with that recommended person directly.
Are we able to do this under GDPR regulations? Would it differ between a B2C and a B2B customer?
No. You can’t. Certainly not for a B2C contact. We are thinking of changing the emphasis around communication on this, where we ask the original customer to actually give us the contact number and email of their friend, family, colleague etc and we then get in touch with that recommended person directly.
Are we able to do this under GDPR regulations? Would it differ between a B2C and a B2B customer?
PECR regs state you need consent to directly market via email. Another individual passing on details is not GDPR level consent.
This comes from my wife who runs Data Protection for a large healthcare co.
Broadly agree with the above. Marketing emails typically rely on Consent, which you clearly don't have here. Which means you're falling back on Legitimate Interest as your justification for retaining their data and sending emails - for B2C prospects that you don't currently have a relationship with, this is probably going to a hard one to show.
Eric Mc said:
Because of Brexit, GDPR is no longer valid in the UK. However, as part of our abolition of EU bureaucracy, we have created our own version of GDPR which replaces the original GDPR rules -
Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
I thought, evidently incorrectly, that all EU mandates worked that way. The EU passes the regs, which each country enacts by implementing them in their own regulatory or legal framework.Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
You learn something new every day.
DanL said:
Eric Mc said:
Because of Brexit, GDPR is no longer valid in the UK. However, as part of our abolition of EU bureaucracy, we have created our own version of GDPR which replaces the original GDPR rules -
Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
I thought, evidently incorrectly, that all EU mandates worked that way. The EU passes the regs, which each country enacts by implementing them in their own regulatory or legal framework.Upon leaving the EU on January 1, 2021, the UK is officially not a part of the EU's GDPR any longer, i.e. the EU's GDPR does not have any domestic jurisdiction in the UK as it had from May 2018. The UK has passed its own version called the UK-GDPR, which alongside the Data Protection Act of 2018, is in effect now.
You learn something new every day.
But again it's largely irrelevant as UK-GDPR is a copy-and-paste of the EU rules and the practical differences are pretty much zero.
Eric Mc said:
I was being a bit facetious. One of the selling points for Brexit is that it would relieve us of Brussels imposed bureaucracy
50 years of accumulated red tape can't be undone overnight unfortunately. So making a parallel version is the quick easy way to start with, then untangle later if appropriate.Brexit Schmexit.
Sadly, finding a bureaucratic solution to an issue that 99% of the population did not give two f
ks about is not the exclusive province of the European Commission; our own people are more than capable of doing it all by themselves, and in the past often gold-plated what Brussels mandated anyway.
Sadly, finding a bureaucratic solution to an issue that 99% of the population did not give two f
ks about is not the exclusive province of the European Commission; our own people are more than capable of doing it all by themselves, and in the past often gold-plated what Brussels mandated anyway.Hold on just a second...
So customer A can recommend potential customer B for some discount and a good night out?
Therefore, request potential customer B completes an online form, explaining who recommended them, with a suitable explanation that both parties will be contacted and verified, stored and bothered.
It's the act of A passing over B's details without their consent which is tricky.
Not A and B getting a bit of free stuff, so make it easy for everyone and explain that's the deal for getting their information.
Loads of companies do this without any bother at all.
Here you go, use Sky's example: https://www.sky.com/help/articles/introduce-a-frie...
So customer A can recommend potential customer B for some discount and a good night out?
Therefore, request potential customer B completes an online form, explaining who recommended them, with a suitable explanation that both parties will be contacted and verified, stored and bothered.
It's the act of A passing over B's details without their consent which is tricky.
Not A and B getting a bit of free stuff, so make it easy for everyone and explain that's the deal for getting their information.
Loads of companies do this without any bother at all.
Here you go, use Sky's example: https://www.sky.com/help/articles/introduce-a-frie...
Simpo Two said:
Eric Mc said:
I was being a bit facetious. One of the selling points for Brexit is that it would relieve us of Brussels imposed bureaucracy
50 years of accumulated red tape can't be undone overnight unfortunately. So making a parallel version is the quick easy way to start with, then untangle later if appropriate.Gassing Station | Business | Top of Page | What's New | My Stuff