The General Data Protection Regulation (GDPR) - which replaces the Data Protection Act 1998 - has now become effective and is something which all businesses are expected to comply with.
The new system has now been formally introduced, but this is just the beginning. Going forward, agents will still need to review and maintain their data protection processes in line with the GDPR.
To help you on this road, in association with The ValPal Network, our panel of experts will regularly continue to answer GDPR-related questions. The GDPR Weekly column will now run on a bi-weekly basis, with the next edition due on June 12.
If you have a question you'd like to ask our experts, please get in touch on firstname.lastname@example.org.
How frequently should an agent ask its customers to update their marketing consent preferences?
Damon Bullimore, chief information officer at BriefYourMarket.com:
Under the GDPR, your business must determine for itself how long you will hold your data, and at what point you will ask your contacts to refresh consent or update their marketing preferences.
Although this provides your business with a degree of flexibility, it is imperative that consent is refreshed at regular intervals as this is considered best practice, and you must ensure your determined time periods for data storing and processing fall under reasonable expectations.
For more information about how you can store, process and market to your data in a GDPR-compliant manner, speak to us on: 0344 800 84 24.
Annemarie Proudfoot, head of customer relations at BestAgent:
You should ask consumers to update their marketing preferences as frequently as it makes sense to do so.
This is a business decision, not a legal one.
However, any changes to your system that affect customers need to be promptly communicated to them.
Meanwhile, you must make it possible for customers to be able to change their preferences at any time the like.
Bernard George, solicitor for Socrates Training Ltd:
Firstly, beware. If someone has opted out of marketing, you cannot email them to ask them if they want to opt back in…because that is marketing! Flybe was fined £70,000 for contacting people, asking if they wanted to opt back in.
Secondly, with electronic marketing (email or text) you have to offer an opt-out in every communication.
Thirdly, data should not be kept longer than necessary. So, in principle using ancient records of clients, addresses etc., might get you into bother, on the basis that you are keeping information too long.
But apart from that there is no fixed rule about inviting people to update their preferences.
Jon Baines, data protection advisor at Mishcon de Reya LLP:
Businesses should not, as a general rule, need to ask customers to update their marketing consent preferences.
I would recommend that with each communication sent, however, customers are invited to update the preferences, preferably by way of a link to a web 'dashboard', which gives the customer direct control over their preferences.
If someone is a customer, businesses will be able to use the 'soft opt-in' rule for sending electronic direct marketing, but each time they send a direct marketing message they should, in any case, be offering the opportunity to opt out in future.
The GDPR team at Mishcon de Reya comprises data protection experts as well as non-lawyer cyber security specialists. If you would like any advice on how to manage GDPR within your organisation, please contact Jon Baines.
*If you would like to receive further guidance from any of our GDPR experts, please click here.
Angels Media Ltd encourages you to seek additional guidance, including professional legal advice, to ensure that all of your business operations are ready for the GDPR.
Angels Media Ltd Legal Disclaimer:
The information contained here is for general guidance purposes only. It should not be taken for, nor is it intended as, legal advice.
We would like to stress that there is no substitute for making your own detailed investigations or seeking your own legal advice if you are unsure about the implications of the GDPR on your businesses.
While we have made every effort to ensure that the information covered here is correct and up to date, we Angels Media Ltd makes no promises as to completeness or accuracy and the information is delivered on an “as is” basis without any warranties, express or implied.
Angels Media Ltd will not accept any liability for errors or omissions and will not be liable for any damage (including, without limitation, damage for loss of business or loss of profits) arising in contract, tort or otherwise from the use of or reliance on this information or from any action or decisions taken as a result of using this information.