Email marketing – do your due-diligence or get fined
The ICO has released details about an investigation and enforcement action they have taken against a number of companies involved in email marketing. This is a complex case which involved a company promoting their services and a number of email list suppliers. The relationship between these companies is complicated but there was no clear contractual relationship between the various parties, and a lack of evidence of due diligence by the company promoting their services, the aggregator, and the list providers.
The moral of the story is that due diligence is vital. You must ensure that you have contracts with any suppliers, have completed appropriate checks before you sign such contracts, and that you have completed ongoing due diligence. You must be able to produce an audit train of the contracts / checks / due diligence if asked and demonstrate that you have taken all reasonable steps to protect the rights of the data subjects involved.
This case resulted in a huge fine. You can see the details here.
If any of this sounds like you then give us a call to discuss. Due diligence is not complicated you just need to make sure you do it.
Good luck all.
Here at GDPRlocal, we get lots of questions about what exactly an EU Representative is, what
The ICO recently released the results of a survey they created as part of their strategic plan to e
Breaching the GDPR can cost you up to €20 million, or 4% of annual global turnover, whichever is