We spend a lot of time worrying about the Data Protection Act (1998) when marketing here in the UK. It’s outdated and therefore unnecessarily restrictive.
It also means there’s a lot of misunderstanding and misinformation flying around about it.
When I worked at the American School in London we sought legal advise as early as 2005, and even then we were told it was impossible to uphold the Act to the letter, and the important thing was to demonstrate that we upheld the “spirit” of it! And that was seven years ago.
The Information Commissioner’s Office is a great place to go for useful information on how the Data Protection Act (1998) really impacts us.
Part of building your online community is that you’re going to want to communicate with them (sorry to state the obvious) and that means the law regarding how you can collect their addresses, and how you can use them becomes really important.
The big question has always been opt-in versus opt-out. Do we need users to give us express permission before we contact them, or can we assume (or even just hope) that they’re OK with it?
Here’s the relevant information straight from the Information Commissioner’s Office. To be honest, it’s better than most people think.
Electronic mail marketing
The most important thing to remember is that you can only carry out unsolicited electronic marketing if the person you’re targeting has given you their permission.
However, there is an exception to this rule. Known as the ‘soft opt-in’ it applies if the following conditions are met;
where you’ve obtained a person’s details in the course of a sale or negotiations for a sale of a product or service;
where the messages are only marketing similar products or services; and
where the person is given a simple opportunity to refuse marketing when their details are collected, and if they don’t opt out at this point, are given a simple way to do so in future messages.
When you send an electronic marketing message, you must tell the recipient who you are and provide a valid contact address.
The rules on emails don’t apply to emails sent to organisations, though you must still identify yourself and provide an address.
The Telephone Preference Service (TPS) and Fax Preference Service (FPS) are operated by the Direct Marketing Association, and allow people to register their numbers to opt out of receiving unsolicted calls or faxes. You must not market individuals or organisations who have registered their numbers with the TPS or FPS.
In summary, we recommend that your marketing campaigns are always permission-based and you explain clearly what a person’s details will be used for. Provide a simple way for them to opt out of marketing messages and have a system in place for dealing with complaints.
The difficulty is if you’re starting a mailing list and you already have a database of people you want to put on it. That requires some creative thinking.
via Email & Postal Marketing – Sector Guide for Organisations – ICO.