KNOWLEDGE BASE Mobile Marketing In The UK

The information on this page was current at the time it was published. Regulations, trends, statistics, and other information are constantly changing. While we strive to update our Knowledge Base, we strongly suggest you use these pages as a general guide and be sure to verify any regulations, statistics, guidelines, or other information that are important to your efforts.

 

January 31st, 2020 Update: On March 29, 2017, UK Prime Minister Theresa May triggered Article 50, which formally started the process whereby the UK would leave the European Union. The original plan was for the UK to leave the EU on March 29th, 2019 but on October 28th, 2019, the EU agreed to push the extension deadline to January 31, 2020. 

The council agreed to conclude the withdrawal, and it  took effect at midnight on January 31st, 2020. After this date, the UK is no  longer an EU member state. This will obviously shift how business is done in the UK. We will keep updating this page to reflect these changes. 

Learn more about Brexit here. 

Mobile Marketing In The UK

 

Phone Marketing Regulations

 

Privacy and Electronic Communications (EC Directive) Regulations

The Privacy and Electronic Communications (EC Directive) Regulations complement the existing data protection regime and set out more specific privacy rights on electronic communications. PECR was derived from European law, it implemented the European Directive, 2002/58/EC. PECR has been updated twice, the 2004 Amendment changed rules on marketing calls to companies and the 2011 Amendment changed rules on cookies, reporting security breaches, and the Information Commissioner's Office’s enforcement powers.

 

To whom and what do the Privacy and Electronics Communications Regulations apply? 

The PECR are broader than the DPA, in that they apply even if your organisation does not process personal data for marketing purposes, i.e., you do not know the name of the person you are contacting. PECR applies if you:

  • market by phone, text, email, or fax;

  • use cookies or a similar technology on your website; or

  • compile a telephone (or similar public) directory.

 

What are the important terms to understand? 

Electronic Communications: Although it is not defined in the PECR, electronic communications generally means any information sent between particular parties through a phone line or internet connection. This includes:

  • phone calls

  • text messages

  • video messages

  • faxes

  • emails

  • internet messages

Electronic communications does not include generally available information, such as the content of websites or broadcast programming.

Consent: In the context of the PECR, consent must be knowingly given, clear, and specific. It must be given to your particular company and to the manner in which you intend to market, i.e., email, phone call (live or automated), text, or fax.

 

The clearest way to obtain consent is to allow the receiver to click an “opt-in” box. You must always provide the receiver with the opportunity to withdraw consent, or “opt out.” An unticked “opt-in” box is more clear than a pre-ticked “opt-in” box or an “opt-out” box.

 

 

How do I comply with the PECR?

PECR restricts unsolicited marketing by phone, text, email, fax, or other electronic message. Regulation 21 prohibits you from making live unsolicited (telemarketing) calls to anyone who:

  • has previously told you that he or she does not want to receive the marketing calls; or

  • has registered with the Telephone Preference Service or the Corporate Telephone Preference Service, unless the person has specifically consented to your calls, even if he or she is an existing customer.

You must always tell the subscriber who is calling and provide contact address or freephone number if asked.

 

When can I make telemarketing calls? 

Based on the restrictions in Regulation 21, you can make telemarketing calls to any individual who has specifically consented to the calls (e.g., chosen to ‘opt-in’) and to any individual who has not consented as long as he or she is not listed on the TPS registry and has not previously objected to your calls.

In practice, this means you will have to check your list against the TPS registry and keep your own list of people who have previously objected or opted out.

Regulation 19 governs the use of automated systems when making marketing phone calls. Rules for automated phone calls are stricter in that they require that you always have the consent of the receiver to receive this type of call. General consent for marketing, even telemarketing, is not enough. All automated calls must include your name and either a contact address or a freephone number.

The Telephone Preference Service is central register of individuals who have opted out of receiving telemarketing phone calls. The Corporate Telephone Preference Service is a central register of corporations that have opted out of receiving telemarketing phone calls. Sole traders and some partnerships are considered individuals, and therefore may be registered in the TPS rather than the CTPS, so you should check your marketing lists against both registers.

The TPS registry only prohibits marketing calls, so you will still be able to make calls for purposes of genuine market research. Also, the TPS registry does allow people to register mobile telephone numbers, which will prevent you from making telemarketing calls to those numbers, but this does not prevent you from sending SMS messages. As good business practice, if you send marketing SMS messages, you should include an ‘opt-out’ request option.

 

Can I use marketing lists? 

You are allowed to use bought-in marketing lists and you can create your own marketing lists, however, you are still required to comply with all marketing regulations, which can be particularly tricky when using bought-in lists.

 

Bought-in marketing lists

You can use bought-in marketing lists when making live phone calls, but you must screen the list against the TPS and, when applicable, your own “do not call” list. Bought-in marketing lists are impractical for recorded call marketing messages, which require the individual to have given specific consent to receive the particular type of marketing from you. You must also satisfy yourself that any list you use is accurate and the data was collected fairly and that the consent is specific and recent enough to rely on.

 

Compiling your own marketing lists

Using the details of people who previously bought goods or services from you or who have registered through your website or made an enquiry is a great way to compile a marketing list. However, you cannot assume that because someone provided his contact details, he is happy to receiving marketing from you. You should make it clear upfront that you intend to use his details for marketing purposes. The easiest way to get clear consent is to use opt-in boxes for each type of marketing message you intend to send, e.g., text, email, phone. To ensure you are compiling an accurate and up to date list, record when, how, and what type of marketing consent you received. It is also important to note whether it is an individual or a company, as different rules apply to each. If you do not know whether it is an individual or a company, assume it is an individual and comply with the more strict rules.

 

Sharing marketing lists

If you intend to share your marketing lists with another company or group within your parent company, you must have each individual’s specific consent to do so. You cannot show consent by simply providing the notice in a hard to find, difficult to understand, and rarely read privacy policy.

 

Responding to objections or opt-outs

As soon as someone objects to or opts-out of your marketing messages, you should add him to your “do not contact” list. You can send an immediate reply confirming his unsubscribed status, but you may not contact him in the future even to ask if he would like to opt-in again. When someone objects or opts-out, you should not delete his information altogether, instead you should add him to your “do not contact” list, to ensure he will not be contacted in the future by mistake. This is particularly important if you buy new leads or marketing lists, as his details may be on a new list.

 

What are the risks of noncompliance? 

The Information Commissioner’s Office is tasked with the enforcement of the PECR. Enforcement measures include: audits, criminal prosecution, and monetary penalties up to £500,000. The ICO publishes quarterly updates on enforcement measures taken.

 

Fax Marketing Regulations

 

Privacy and Electronic Communications (EC Directive) Regulations

The Privacy and Electronic Communications (EC Directive) Regulations complement the existing data protection regime and set out more specific privacy rights on electronic communications. PECR was derived from European law, it implemented the European Directive, 2002/58/EC. PECR has been updated twice, the 2004 Amendment changed rules on marketing calls to companies and the 2011 Amendment changed rules on cookies, reporting security breaches, and the Information Commissioner's Office’s enforcement powers.

 

To whom and what do the Privacy and Electronic Communications Regulations apply? 

The PECR are broader than the DPA, in that they apply even if your organisation does not process personal data for marketing purposes, i.e., you do not know the name of the person you are contacting. PECR applies if you:

  • market by phone, text, email, or fax;

  • use cookies or a similar technology on your website; or

  • compile a telephone (or similar public) directory.

 

What are the important terms to understand? 

Electronic Communications: Although it is not defined in the PECR, electronic communications generally means any information sent between particular parties through a phone line or internet connection. This includes:

  • phone calls

  • text messages

  • video messages

  • faxes

  • emails

  • internet messages

Electronic communications does not include generally available information, such as the content of websites or broadcast programming.

Consent: In the context of the PECR, consent must be knowingly given, clear, and specific. It must be given to your particular company and to the manner in which you intend to market, i.e., email, phone call (live or automated), text, or fax.

 

The clearest way to obtain consent is to allow the receiver to click an “opt-in” box. You must always provide the receiver with the opportunity to withdraw consent, or “opt out.” An unticked “opt-in” box is more clear than a pre-ticked “opt-in” box or an “opt-out” box.


 

How do I comply with the PECR?

Regulation 20 prohibits you from sending faxes to:

  • individuals, sole traders, and some partnerships without their specific consent to receive such faxes;

  • corporations that have previously told you they do not want to received such faxes; and

  • any number registered in the Fax Preference Service, unless you have specific consent.  

All marketing faxes must include the name of the sender and a contact address or freephone number.

Based on Regulation 20, you can send marketing faxes to individuals only if they have specifically consented to receiving marketing faxes from you. Sole traders and some partnerships are treated as individuals for purposes of fax marketing. You can send marketing faxes to any corporate body without consent if it is not listed on the FPS and it has not previously objected to your marketing faxes. This means you will need to screen your marketing list against the FPS and keep your own list of companies that have opted-out of your marketing faxes.  

The Telephone Preference Service is a central register of individuals and companies who do not wish to receive marketing faxes. Although the TPS is primarily aimed at businesses, individuals who do not wish to receive marketing faxes can register as well.

 

Can I use marketing lists? 

You are allowed to use bought-in marketing lists and you can create your own marketing lists, however, you are still required to comply with all marketing regulations, which can be particularly tricky when using bought-in lists.

 

Bought-in marketing lists

For B2B fax marketing you must screen the bought-in marketing list against the FPS and your own “do not fax” list. You must also satisfy yourself that any list you use is accurate and the data was collected fairly and that the consent is specific and recent enough to rely on.

 

Compiling your own marketing lists

Using the details of people who previously bought goods or services from you or who have registered through your website or made an enquiry is a great way to compile a marketing list. However, you cannot assume that because someone provided his contact details, he is happy to receiving marketing from you. You should make it clear upfront that you intend to use his details for marketing purposes. The easiest way to get clear consent is to use opt-in boxes for each type of marketing message you intend to send, e.g., text, email, phone. To ensure you are compiling an accurate and up to date list, record when, how, and what type of marketing consent you received. It is also important to note whether it is an individual or a company, as different rules apply to each. If you do not know whether it is an individual or a company, assume it is an individual and comply with the more strict rules.

 

Sharing marketing lists

If you intend to share your marketing lists with another company or group within your parent company, you must have each individual’s specific consent to do so. You cannot show consent by simply providing the notice in a hard to find, difficult to understand, and rarely read privacy policy.

 

Responding to objections or opt-outs

As soon as someone objects to or opts-out of your marketing messages, you should add him to your “do not contact” list. You can send an immediate reply confirming his unsubscribed status, but you may not contact him in the future even to ask if he would like to opt-in again. When someone objects or opts-out, you should not delete his information altogether, instead you should add him to your “do not contact” list, to ensure he will not be contacted in the future by mistake. This is particularly important if you buy new leads or marketing lists, as his details may be on a new list.

 

What are the risks of noncompliance? 

The Information Commissioner’s Office is tasked with the enforcement of the PECR. Enforcement measures include: audits, criminal prosecution, and monetary penalties up to £500,000. The ICO publishes quarterly updates on enforcement measures taken.

 

 

Phone marketing regulations

Privacy and Electronic Communications (EC Directive) Regulations

Information Commissioner's Office: Guide to the Privacy and Electronic Communications Regulations

Personal Information Online Small Business Checklist

Personal Information Online Code of Practice

Telephone Preference Service

Direct Marketing Guide

Direct Marketing Checklist

 

Fax marketing regulations

European Directive, 2002/58/EC

Privacy and Electronic Communications (EC Directive) Regulations

Information Commissioner's Office: Guide to the Privacy and Electronic Communications Regulations

Facsimile Preference Service

Information Commissioner’s Office: Direct Marketing Guide

Direct Marketing Checklist

KNOWLEDGE BASE Mobile Marketing In The UK