Quick GDPR question
Discussion
I may know the answer to this but just wanted to check this with the GDPR experts here.
We have partners who sell our products. We want to send out emails to their customers, on behalf of them, with offers etc. Our partners want us to do this for them as most have limited marketing resources.
However, this would mean them giving us their customer data and I am pretty sure that they can't give us their data for this.
Is there any way around this or other option?
We have partners who sell our products. We want to send out emails to their customers, on behalf of them, with offers etc. Our partners want us to do this for them as most have limited marketing resources.
However, this would mean them giving us their customer data and I am pretty sure that they can't give us their data for this.
Is there any way around this or other option?
It'll depend whether their customers have ticked a box to allow them to send their data out.
Their customers might have even asked not to be contacted for any marketing, even from them.
Ultimately, it's down to what permissions have been sought, if any.
I expect it's not a go-er, but ask and find out.
Their customers might have even asked not to be contacted for any marketing, even from them.
Ultimately, it's down to what permissions have been sought, if any.
I expect it's not a go-er, but ask and find out.
As said the first question is that have the customers given express permission to be contacted for marketing purposes, and that needs to be a positive affirmation not a failure to tick a box.
if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
simon_harris said:
As said the first question is that have the customers given express permission to be contacted for marketing purposes, and that needs to be a positive affirmation not a failure to tick a box.
if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
Ok, so a contract between us and our partner(s)?if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
Frimley111R said:
simon_harris said:
As said the first question is that have the customers given express permission to be contacted for marketing purposes, and that needs to be a positive affirmation not a failure to tick a box.
if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
Ok, so a contract between us and our partner(s)?if that is the case then that select group of customers can have their data sent to you to manage that marketing communication but you will need to have a contract that states the ownership and usage of the data.
Frimley111R said:
All B2B
It’s a year since I retired but the firm I worked for used to mailshot various lists we got from suppliers or give our list to the supplier for them to email to (which I particularly thought we shouldn’t do, as the list was our IP) and it never caused any problems. For B2B, I think you just claim legitimate interest anyway.
Surely if you are doing a mail shot to a list of companies GDPR is irrelevant if you do not have any personal information. GDPR is about protection of individuals' information, not company information. You could mail out to 'the CEO or MD' of the company with no names involved. Your client company should simply send you data cleansed of personal names.
MustangGT said:
Surely if you are doing a mail shot to a list of companies GDPR is irrelevant if you do not have any personal information. GDPR is about protection of individuals' information, not company information. You could mail out to 'the CEO or MD' of the company with no names involved. Your client company should simply send you data cleansed of personal names.
But they probably have company personal emails or their contacts at each company. Frimley111R said:
MustangGT said:
Surely if you are doing a mail shot to a list of companies GDPR is irrelevant if you do not have any personal information. GDPR is about protection of individuals' information, not company information. You could mail out to 'the CEO or MD' of the company with no names involved. Your client company should simply send you data cleansed of personal names.
But they probably have company personal emails or their contacts at each company. simon_harris said:
Shouldn't matter IIRC - B2B is effectively exempt from GDPR, the email address is owned by the business and isn't classed as PII.
This may not be the case if the email address uses your name (as the vast majority do). A name is personal data so even in B2B it's likely still covered by GDPR.https://ico.org.uk/for-organisations/direct-market...
It is a very narrow definition though - if you are a sole trader or small partnership - but I guess that will depend on the type of customer involved, I wouldn't like to be the one trying to cleanse that dataset!
so for the OP GDPR is still classed as applying in the B"B contact is a sole trader or some types of partnership. any corporate or LTD company is not classed as GDPR applying.
but back at the top of this thread if they have opted in and you have a clear contract about usage of the data then you should be fine.
so for the OP GDPR is still classed as applying in the B"B contact is a sole trader or some types of partnership. any corporate or LTD company is not classed as GDPR applying.
but back at the top of this thread if they have opted in and you have a clear contract about usage of the data then you should be fine.
Frimley111R said:
Thanks everyone. As said, there is some ambiguity. Some customers will be big companies and some will be one man bands. The only way to be safe is to get opt ins for all of them and I can't see that happening.
Articles I've seen say don't do that as the response rate will be tiny and then it's a bit awkward to keep emailing . Just send stuff and offer them an unsubscribe option.Sheepshanks said:
Frimley111R said:
Thanks everyone. As said, there is some ambiguity. Some customers will be big companies and some will be one man bands. The only way to be safe is to get opt ins for all of them and I can't see that happening.
Articles I've seen say don't do that as the response rate will be tiny and then it's a bit awkward to keep emailing . Just send stuff and offer them an unsubscribe option.Gassing Station | Business | Top of Page | What's New | My Stuff