HomeInsightsDirect Marketing Association publishes ten things B2B marketers need to know about GDPR and data protection

Article by

The DMA says that it receives many queries from the B2B marketing community around the GDPR. Many are concerned that commentary around GDPR focuses on B2C marketing.

Under the current rules B2B marketers are subject to fewer regulatory requirements than B2C marketers. The DMA explains that this is because Privacy and Electronic Communications (EC Directive) Regulations 2003 focus on protections for consumers. Marketing to corporate employees via electronic channels does not require consent under the Regulations.

These differences have led to confusion in the B2B marketing industry as to how they will be affected by the GDPR.

The DMA has therefore published ten things B2B marketers need to know about the GDPR:

  • the GDPR applies if an organisation is processing personal data;
  • B2B marketers use personal data and therefore the GDPR will apply to them too;
  • corporate email addresses and other contact details are personal data;
  • the GDPR definition of personal data is broad and includes cookies and IP addresses;
  • the GDPR does NOT state that organisations need to obtain an opt-in consent for their marketing;
  • the GDPR lays out six legal grounds for processing personal data, all of which are equally valid;
  • B2B marketers will be able to make use of the legitimate interest legal ground for their marketing activity in most instances;
  • legitimate interest is a subjective legal ground so an organisation must justify their activity and consider the privacy risks for data subjects;
  • consent is black and white. It is a yes or a no. However, it is a robust standard, which may be hard to achieve. If it is, the ICO have said legitimate interest might be the better choice; and
  • the GDPR is the overarching framework, but there are specific rules for the marketing sector from the 2003 Regulations, which are being revised and will become the new e-Privacy Regulation in the future.

The new e-Privacy Regulation could potentially require an opt-in consent for B2B marketing as it is currently worded. However, it is in draft form at the moment and is currently being debated by the EU Parliament and Council so the DMA says that “there is a long way to go and nothing is set in stone.” To read the DMA publication in full, click here.