Email marketing – do your due-diligence or get fined
The ICO has released details about an investigation and enforcement action they have taken against a number of companies involved in email marketing. This is a complex case which involved a company promoting their services and a number of email list suppliers. The relationship between these companies is complicated but there was no clear contractual relationship between the various parties, and a lack of evidence of due diligence by the company promoting their services, the aggregator, and the list providers.
The moral of the story is that due diligence is vital. You must ensure that you have contracts with any suppliers, have completed appropriate checks before you sign such contracts, and that you have completed ongoing due diligence. You must be able to produce an audit train of the contracts / checks / due diligence if asked and demonstrate that you have taken all reasonable steps to protect the rights of the data subjects involved.
This case resulted in a huge fine. You can see the details here.
If any of this sounds like you then give us a call to discuss. Due diligence is not complicated you just need to make sure you do it.
Good luck all.
Hope you find this useful. If you need an EU Rep, have any GDPR questions, or have received a SAR or Regulator request and need help then please contact us anytime. We are always happy to help...
GDPR Local team.
GDPR – Age-Appropriate Design
How To Ensure the Data Protection of Children During Product Design Nowhere is data protecti
Change to UK Data Protection
GDPR Changes: What’s Happening With the Digital Protection and Digital Information Bill?
GDPR Local: Supplier Evaluation
How Do You Know Your Suppliers Are GDPR Compliant? We explain why you should make GDPR evalu