Cold email and GDPR

[Nikki79]

Hi,

I am a very small B2B business development business and I would like to pop a flyer across to a few local organisations. I have no intention of pestering them/repeat emailing but I am very aware that the laws have changed re this subject.

Can anyone advise if I am able to do so to generic email addresses.

Thanks so much, there is so much conflicting information out there.

 

[dotcomdude]

GDPR would be more relevant to an existing database that you wanted to re-use. It's PECR that you need to comply with in this instance.

 

[Mike Kilby PC.dp]

Email Marketing under GDPR is still governed by the Privacy & Electronic Communications Regulations and the only time GDPR will come into play, is where you are asking for consent and your transparency obligations.

As a general rule, you should not email anyone without consent. Obviously, anyone who has opted out should not be emailed.

If the emails are to non-corporate individuals (partnerships, sole traders, non-limited companies or the general public), you must have an explicit Opt-In to email.

If the email is to an address at a Limited Company, PLC or Government Department (corporate subscriber), you can email them using something called the "Soft Opt-In", more on that in a moment.

You can also email anyone who has previously interacted with you (bought from you, shown interest in your products/service) using the Soft Opt-In.

Anyone you use the Soft Opt-In for must be told who you are, where you obtained the data from and you must provide a mechanism for the recipients to Opt Out. You will be doing this using "Legitimate Interest" as your lawful basis and to comply with GDPR transparency, you should state this in the message along with your other privacy information.

A last note, neither of the regulations define what is an "individual" address (e.g. firstname.surname@ or info@). You should consider the size of the business you are emailing and if it is likely that addresses such as info@ or sales@ are likely to a single person. If you are unsure, default to assuming it's a personal address.