Email marketing – do your due-diligence or get fined
The ICO has released details about an investigation and enforcement action they have taken against a number of companies involved in email marketing. This is a complex case which involved a company promoting their services and a number of email list suppliers. The relationship between these companies is complicated but there was no clear contractual relationship between the various parties, and a lack of evidence of due diligence by the company promoting their services, the aggregator, and the list providers.
The moral of the story is that due diligence is vital. You must ensure that you have contracts with any suppliers, have completed appropriate checks before you sign such contracts, and that you have completed ongoing due diligence. You must be able to produce an audit train of the contracts / checks / due diligence if asked and demonstrate that you have taken all reasonable steps to protect the rights of the data subjects involved.
This case resulted in a huge fine. You can see the details here.
If any of this sounds like you then give us a call to discuss. Due diligence is not complicated you just need to make sure you do it.
Good luck all.
Contact Us
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.
Recent blogs
Article 14 Guide: Meeting Regulatory Requirements for Personal Data Not Directly Obtained from Data Subjects
Imagine a software-as-a-service (SaaS) company looking to grow its clientele by purchasing leads fr
Meet the GDPRLocal Team: Sibel Amet
Data protection is not an easy job, and sometimes it can get overwhelming. Working as a team, like
Empower Your AI Strategy: A Guide to ISO/IEC 42001 Implementation
In our recent blogs “The EU’s Artificial Intelligence Act and Its Implications for Business”