07721 402700

Business-to-business (B2B) direct marketing to many people is just email marketing; but what impact will the new General Data Protection Regulations (GDPR), effective from 25th May, have on your campaigns?

This article is the third of three providing observations and practical tips about maintaining contact with your existing customers and new contacts in order to develop and keep your database compliant after GDPR takes effect. PLEASE NOTE THIS ARTICLE IS NOT INTENDED TO BE DEFINITIVE ABOUT GDPR ITSELF. The regulating body, the Information Commissioner’s Office (ICO), have lots of GDPR guidance on their website.



Though the ICO’s focus may well be responding to consumer complaints and large data breaches from well-known high street and online brands; this doesn’t mean smaller B2B businesses can consider themselves ‘under the radar’. The ICO has already made examples of businesses breaching the existing regulations.

You may decide to carry on using the ‘opt-out’/unsubscribe option in the footer of your emails; hoping the content is of legitimate interest/relevancy. Others may feel that the ICO will, as above be busy elsewhere, and are sure that they have no disgruntled ex employees, customers or indeed competitor who may want to report or make a complaint about your organisation…

Paul Bennett, Professional Practices & Employment Partner at law firm Aaron & Partners offered this view on how email for B2B marketing activities should be used after 25th May  “The GDPR material suggests all will need to be opted in as you will be using someone’s personal data to market to them and the database creation will impact on data use. I suspect the Data Protection Bill and ICO guidance may amend this but I would be getting a specific consent to continue the contact if it was my list and I wanted to continue to use it.

In addition the B2B and consumer distinction is not preserved under current proposals – but the definitive position may not be known until just before the implementation date. The direct marketing rules created by the Privacy and Electronic Communications (EC Regulations) Regulations 2003 (PECR) stem from a different EC Directive to data usage and hence the direct marketing rules are unaffected by the GDPR changes and PECR will continue to sit alongside the data regime. This means in practical terms the database is the GDPR challenge – not the marketing action itself”.

The Information Commissioner, Elizabeth Denham, stated that from 25 May, the ICO ‘won’t be taking a soft-touch approach to sanctions or allowing a further grace period’. Instead, the ICO will assume you are compliant and will act accordingly. In a recent issue of the Chartered Institute of Marketing’s Catalyst magazine Emma Robertson, CEO at digital consultancy Transform said ‘The spirit of GDPR is to put customers in charge of their data and how it is used’.

The word ‘spirit’ as opposed to ‘the letter of the law’ is important and your preparations should be mindful of both, but definitive statements may be hard to find. Especially as on the horizon is the revised ePrivacy directive, which could have just as big an impact as GDPR, once its scope/criteria has been agreed. ‘Ready for implementation in May 2018’ was the original aim but later in the year is more likely; it remains a moving target that needs monitoring for announcements.


  • The new General Data Protection Regulations (GDPR) take effect from 25th May 2018
  • The key issue for B2B marketers is consent to use contact data for marketing purposes
  • Your aim should be marketing data collection best practice ready for May 25th
  • The outcome of this may well be a smaller database, but one that should be more responsive.
  • Interpreting ‘legitimate interest’ could be an issue – a ‘get out‘ for some firms to keep sending emails?
  • The revised ePrivacy directive – ‘ready for implementation in May 2018’ – could have just as big an impact as GDPR once its scope has been agreed.
  • Be ready to respond swiftly to any enquiry received or generated – emails with standard text for a ‘double opt-in’ request, call guidelines for customer-facing staff etc.
  • If required, being able to show the ICO what your business is now doing differently with your marketing data collection will be important.


If you would like guidance or assistance with regard to your organisation’s marketing data collection activities please contact Jon Hepburn on 01743 266288 or via email to jon@fedoraconsutlancy.co.uk