GDPR and TLS Data – How We Comply
TLS Data have been supplying top quality UK and international business data for direct marketing since 1996. We work closely with a number of selected long-standing data partners, all of whom are established leaders in their particular fields and can demonstrate that they comply fully with all legislation, directives and industry best practice. This now of course includes the General Data Protection Regulation (GDPR).
About GDPR and PECR
GDPR is concerned with the collection, storage and processing of personal data. PECR (Privacy and Electronic Communications Regulations) includes additional rules that currently apply to electronic marketing communications – including email. Under these rules, “individual subscribers” are treated differently to “corporate subscribers”.
“Individual subscribers” covers people who work for non-limited or unincorporated businesses such as partnerships or sole traders. The rules require consent from individual subscribers for email marketing. B2B data providers throughout the industry have concluded that it is not viable to obtain the detailed level of consent now demanded. For this reason, TLS Data is no longer providing email addresses for individual subscribers.
“Corporate subscribers” are individuals working for limited companies and other incorporated organisations such as LLPs, and some government bodies. For corporate subscribers the rules do allow marketing to their email addresses without prior consent (with a clear unsubscribe or opt-out option to stop receiving emails from the sender), provided there is “legitimate interest”.
Recital 47 of the GDPR:
“The processing [using] of personal data for direct marketing purposes may be regarded as carried out for a legitimate interest”.
Legitimate Interest is the legal basis used by TLS Data Ltd and all our data partners to process the personal data of corporate subscribers.
We have assessed Legitimate Interest to be appropriate because the data subjects are business contacts within a corporate organisation who might reasonably expect to receive relevant marketing information in their role within the organisation.
Such information has potential benefits to the data subjects and their businesses, including:
Informing them of relevant new products and services, innovations, costs savings, efficiencies, developments and so on that may help them to meet their business and commercial objectives as well as their legal and environmental obligations.
These benefits are balanced against any impact on their rights, freedoms and individual privacy, which we believe on balance to be low or negligible.
This complies with GDPR, the Privacy and Electronic Communications Regulation (PECR), and the guidelines for the UK issued by the Information Commissioners Office (ICO).
If an individual objects to the processing of their personal data in this way, the processing is stopped.
Companies / individuals always have the right to object, or to remove their data. For this reason, update files containing any changes to the data we have already supplied will always be available (additional costs may apply).
Your obligations under GDPR
As well as purchasing GDPR-compliant data from TLS, please also bear in mind your own obligations under UK and EU regulations relating to your marketing communications and any other data you use or hold.
For more information and guidance, contact the UK’s independent authority, The Information Commissioners Office (ICO): https://ico.org.uk/