GDPRs, those Pesky Peckers and the E-mail Trail : a look at the law and what it means for e-mail marketing by Tracey O'Connell
•Télécharger en tant que PPTX, PDF•
2 j'aime•269 vues
Digital Marketing Summit Southampton 2018, Tracey O'Connell, Southampton, #Dmsso18, #DMSSO, #DigitalMarketing @_Lawpoint
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (10)
Similaire à GDPRs, those Pesky Peckers and the E-mail Trail : a look at the law and what it means for e-mail marketing by Tracey O'Connell
Similaire à GDPRs, those Pesky Peckers and the E-mail Trail : a look at the law and what it means for e-mail marketing by Tracey O'Connell (20)
Plus de Eventz.Digital
Plus de Eventz.Digital (20)
Dernier
Dernier (20)
GDPRs, those Pesky Peckers and the E-mail Trail : a look at the law and what it means for e-mail marketing by Tracey O'Connell
- 1. The e-mail trail: GDPRS and those Pesky Peckers
- 2. Housekeeping • Welcome • Lawpoint - Tracey and team • Consents !!! • All about e-mail marketing • Slides will be available on www.law-point.co.uk next week - website code: Wx3!r7F - will announce on twitter – follow us @_Lawpoint • Questions – at end / coffee after Tracey/ Alison
- 3. Contents PART 1 – Who are the players and what’s happening PART 2 – Bigger legal picture PART 3 – GDPRs PART 4 – Those pesky PECKERS !!! PART 5 – Consent PART 6 – E-mail marketing models PART 7 – DMC Client perspective PART 8 – Summary
- 4. Who are the players and what’s happening? PART 1
- 5. Who are the players and what’s happening (1)?
- 6. Who are the players and what’s happening?(2)? Model 1 – Client outsources e-mail marketing to DMC CLIENT DMC RECIPENTContact database
- 7. The legal bigger picture PART 2
- 8. Bigger Picture – 2 laws – GDPRs and Pesky Peckers GDPR • About personal data to send the email to the relevant audience (contact database) • Legal roles- processor/ controller • Audience = data subject – any individual • DM permissible !!! But ,,,, pecrs • If consent is required under PECRS then GDPR rules on consent apply. PECRS • Not about personal data • The act of sending direct marketing comms • Distinguishes between individuals/ corporate subscribers [ watch this space!] • Consent required from ind to send the email
- 9. GDPRs PART 3
- 10. GDPRs (1) - Contact database • It’s all about personal data and GDPR legal grounds (later!!) for using personal data to market • Personal data and emails: names and emails [other] re: recipients • No ownership in personal data • Separate intellectual property rights (e.g database rights) • Emails –personal data? - traceyoconnell@Hotmail.co.uk - yes - barbar@busties.wanadoo.co.uk – if can be matched to tracey by some- one else/ anyone else [ who would go through list to find all of these non identifiable ones and ensure no database to link to name] • Roles – DC/ DP
- 11. GDPRs (2) Legal data protection roles
- 12. GDPRs (3) - labels Data Controller Data Processor Data Subject the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data; Decides what data is being collected and why it is being collected a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller Does what the controller tells it to do with the data ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’) Individual which data relates to
- 13. GDPRs (4) Model 1 with data protection labels CLIENT DMC RECIPENTContact database DC DP DS
- 14. GDPRs (5) – legal grounds – data controller But………..remember those pesky Peckers …. Relevant legal grounds for using personal data for direct marketing Consent Legitimate Interest Legal grounds 6 legal grounds Must choose one of them
- 16. Those pesky Peckers (1)….. • The Privacy and Electronic Communications Regulations 2003 • Deal with Direct marketing/ Cookies and other stuff! • Why are they pesky? - they apply in addition to the GDPR – say when consent is needed - they are about to change - grrrrrr!!!!
- 17. PECRs (2) Consent – relationship with GDPRS PECRS Say WHEN consent is needed when you are direct marketing Current law: GDPRS Say WHAT the standard of consent is. There is a legal definition: any freely given, specific, informed and unambiguous indication of the data subject’s wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her” GDPR Article 4 (definitions) Individual Opt in Cannot send unless they say you can Corporate Subscriber Opt out Can send unless they say you can’t. Law does not use opt in /opt out, but ICO does
- 18. PECRs (3) Consent – When is it needed to send marketing emails?– current law Consumer/unincorporated partnership/ sole trader barbar@busties@btinternet.com tracey@law-point.co.uk (if not limited) Corporate subscriber tracey@law-point.co.uk (if limited) Opt in Opt Out Soft opt –in (obtained contact details of the recipient in the course of) • For providing goods and services • Negotiation for sale Doesn’t apply to individuals PECRS are silent BUT ICO guidance says opt-out
- 19. PECRs (4) – When is consent needed to send marketing emails?– new law Consumer/unincorporated partnership/ sole trader barbar@busties@btinternet.com tracey@law-point.co.uk (if not limited) Corporate subscriber tracey@law-point.co.uk (if limited) Opt in Opt Out Soft opt –in (obtained contact details of the recipient in the course of) • For providing goods and services • Negotiation for sale Doesn’t apply to individuals PECRS are silent BUT ICO guidance says opt-out
- 20. What does opt-in consent mean? PART 5
- 21. Consents – what does “opt-in” mean? Please tick here to receive marketing emails from DMC about DCM’s services [ ] Please tick here to receive marketing emails from DMC about DCM’s services [ ] If you don’t want to receive marketing emails from DMC about DCM’s services please tick here [ ] If you don’t want to receive marketing emails from DMC about DCM’s services please tick here [ ]
- 22. Model 1 summary DC DP DS Consent
- 24. Model 2 – Client buys e-mail list from DMC
- 25. Model 2 - Client buys email list from DMC DMC CLIENT RECIPENT DC
- 26. Model 2(b) – Client rents e-mail list from DMC
- 27. Model 2 (b) – Client rents email list from DMC Renting Consent DC
- 28. Model 3 – DMC markets client business to market by selling advertising space on email to DMC contacts
- 29. DC DS Model 3 – DMC markets client business to market by selling advertising space on email to DMC contacts Consent BUT….
- 30. Email content eg: CAP code, un-subscribe, company details Contract
- 32. The DMC client perspective • Client awareness varies - sometimes mis-informed (an opportunity?) : generally an increased awareness of - Consent risk - Liability - Buying third party lists • More focus on contracts • GDPR legal position will depend on “what’s happening” • What are you doing: - lead generation - campaign management
- 33. Summary PART 8
- 34. Summary Don’t let go of the until all the pieces are in place! If you know who’s doing what and what’s happening you’ll be in a better position to manage clients expectations, the contracting process and the risks associated with your e-mail marketing model.
- 36. Law point services • Contract/ terms and conditions drafting, reviewing and negotiation • Training – on-site/ off- site • Outsourced in-house lawyer • Outsourced DPO • Data protection advice and policies • Risk management Digital Law Scrum ….. and Bacon !!!! www.law-point.co.uk