Following on in many ways from my recent blog about What Constitutes Personal Data in B2B (and I recommend reading it in conjunction with this, in order to have a full understanding – Click HERE to read), I thought it worthwhile expanding to a related subject – that of what you can and can’t do with personal data that has either been shared with you or made publicly available information.
Take LinkedIn, For Example
The inspiration for this blog comes largely from comments I’ve seen on LinkedIn regarding people’s understanding of how and when personal data can be used.
One person asked to what extent personal data on LinkedIn could be used in a Business to Business context (First Degree Connections on LinkedIn get to see one another’s a personal email address and direct dial / mobile tel no). The short answer is certainly for contact purposes, but not if that contact purpose is direct marketing.
Another comment (whilst advising that every care was taken with personal data held) stated that any information gathered from a public source, i.e. publicly available information, is open to being marketed to. This is incorrect, so please read on.
What About Contact Details on the Side of Vans?
Upon visiting a networking event, the group leader suggested to the members that they should jot down the phone number and email address on the side of any commercial vans they see, for example when purchasing fuel at a filling station, then contact them later and invite them to the networking meeting.
Whilst this might seem like an innovative way of generating higher attendance figures, it could be in breach of the regulations regarding direct marketing. That company may be registered with the Telephone Preference Service or Corporate Telephone Preference Service (TPS / CTPS)? An invitation to a meeting constitutes direct marketing after all, so the rules regarding screening against the TPS & CTPS registers apply.
As for emails, well if it’s generic (info@ / sales@ etc), then fine, email away, as these types of emails don’t constitute personal data (though I imagine you’ll need to send a lot of emails to have any degree of success). If, however, it’s a personal email, i.e. directed to a named individual (joanne@ / steve@), then this does constitute personal data and as such, regardless of it’s being publicly available, the individual’s consent is still required for direct marketing purposes.
Using Search Engines, Websites and Directories
If I had £1 for every time I heard about somebody using these tools to get their marketing leads, I’d be a rich lady! Notwithstanding the fact that many of these tools expressly prohibit their use for direct marketing purposes, I’d wager that the success rate for most would be so low that any benefit would be outweighed by the time and effort spent trawling them in the first place.
You see, whilst this is indeed publicly available information, what info gathered from search engines, websites, directories and the like don’t tell you is whether or not the company/person has consented to be contacted for direct marketing. Given that there is no indication of either consent OR of their inclusion on the TPS register, you run the risk of breaching the rules by using this method. If this forms part of your direct marketing strategy, please take note and change your strategy!
How About Business Cards Gathered from Networking etc?
You may have picked up a theme here, but to be absolutely clear, obtaining business cards does not in itself give you the right to contact that person for marketing purposes. The exchange of a business card insinuates a desire to discuss business, build a relationship and (hopefully) refer one another to third parties as and when opportunities arise. However, unless you specifically asked if you could market to them, maybe send them your monthly newsletter or add them to your marketing database, and they agreed, then you may not assume that they are open to being marketed to.
Publicly Available Doesn’t Mean Consent Has Been Given
Any belief that publicly available information can be used for any reason, simply because it’s “Out there” in the world, is ill-founded. Just because somebody’s personal data is publicly available, doesn’t mean that you have that person’s consent to conduct direct marketing to them. That cannot be assumed in any circumstances.
To Summarise
Whatever the situation and whatever the reason, before conducting direct marketing using somebody’s personal data, you need to ask yourself “Do I know that this person has consented to be contacted for marketing purposes?” If the answer is no, don’t do it.
If you’re still unclear, the ICO has published a useful, comprehensive Direct Marketing Guide. It covers just about everything you need to know, in order that you remain compliant when conducting your direct marketing campaigns. Click HERE to read it.
