Sign in

Courtesy navigation

Comments (0)

Your marketing database and the law

  1. Review what data you collect, and why you need it.
  2. Ensure that you do not collect any unnecessary personal data; delete any unnecessary information from your records.
  3. Check whether you need to notify the Information Commissioner about your use of personal data, and if necessary do so.
  4. Train employees on how data protection principles apply to their work.
  5. Make breaches of data security policies and misuse of data disciplinary offences.
  6. Collect information fairly; if in doubt, ask contacts to opt in before adding them to your database.
  7. Include a statement of your privacy policy on your website.
  8. Maintain a ‘do not contact’ list of individuals and companies who have opted out; check against this list before adding new contacts to your database.
  9. Take steps to ensure that you input data accurately.
  10. If you buy in mailing (or other) lists, ensure that they have been properly screened: for example, checked against the Mailing Preference Service, and that the list broker has obtained the proper opt ins if you want to market to the list electronically.
  11. Give contacts the right to opt out from further communications whenever you send them mail or electronic communications.
  12. Protect access to systems and data: for example, through appropriate building security and computer passwords.
  13. Install appropriate electronic security: for example, a firewall and anti-virus software.
  14. Restrict access to sensitive information to employees who need it.
  15. Set up a system for updating your database, including removing information that is no longer needed.
  16. Dispose of old records (on paper or electronic storage) securely.
  17. Ensure that you back up your database, and that backup copies are kept secure.
  18. Set up a procedure for responding to subject access requests from individuals who ask to see what information you hold on them.
  19. Check the legal position before you transfer or sell your database (for example, selling to a third party or transferring to an overseas office).

Cardinal Rules

Do:

  • notify the Information Commissioner if necessary
  • use data only for legitimate business purposes
  • ask contacts to opt in to receiving marketing communications
  • give contacts the opportunity to opt out from further communications
  • display your privacy policy on your website
  • protect your database from unauthorised access.

Don’t:

  • collect information just because you can
  • send unsolicited ‘spam’ emails
  • cold call individuals or companies who have opted out
  • allow employees to share passwords.

More on marketing and advertising

Add this

Rating

0
Your rating: None

Email a friend

Comments

Add a comment

Not registered? We'll create a new account for you when you add your comment

  • Web page addresses and e-mail addresses turn into links automatically.
  • Allowed HTML tags: <a> <em> <strong> <p>
  • Lines and paragraphs break automatically.

Create an account

Not registered? We'll create a new account for you when you add your comment.
Account information
Your name on the Donut websites
Personal information
Your first and last name, please
We'll send your registration details here
Just the first part - eg SW17
Not in the UK? You can still leave comments:
I would like to receive the My Donut e-newsletter
Type the characters you see in this picture. (verify using audio)
Anti-spam check - enter the characters you see

When you click 'Register' to create a new account, you accept our terms of service and privacy policy

We check all comments before publishing them on the site.