The General Data Protection Regulation (GDPR) is a regulation by which the UK and the EU intend to strengthen and unify data protection for all individuals within the UK and EU. This is likely to have some impact on Business to Business (B2B) Direct Marketing practices. The regulation comes into effect on 25 May, 2018 and will apply in the UK even if the UK leaves the EU.​

So what will be the regulations for B2B emails sent to business addresses and to individuals at UK/EU businesses after 25 May 2018?

Limited Companies, PLCs, LLPs, NGO’s and Government Bodies

According to the Direct Marketing Association (DMA) which is the most reliable source of information about GDPR, it will still be legal to email to business addresses and to email addresses of named individuals at UK companies and other organizations without their consent after 25 May 2018 provided the recipient is given an opt out from receiving further email and the email contains the senders Business Name and Address.

Therefore after 25 May 2018 in accordance with GDPR we will only be including email addresses at the Domains of Limited Companies, Limited Liability Partnerships, Public Limited Companies, NGO’s or Government Bodies. (If such organisations or individuals use a free type email addresses such as Gmail, Yahoo, Hotmail etc or an email addresses at telecoms services such as BT, Virgin, Talktalk etc these types of emails are NOT included in any of our UK or EU Lists.)

Legitimate Interest is the legal basis used to process the email addresses of named individuals working at any of the organisations mentioned above, complying with GDPR, PECR and the guidelines for the UK issued by the Information Commissioners Office (ICO). Furthermore, if such a named individual objects to the storing and use of his/her personal data, then the personal data is removed from the database.

Sole Traders and Ordinary Partnerships

After 25 May, 2018 it will not be acceptable under GDPR to email Businesses that are Sole Traders or Ordinary Partnerships. Therefore after 25 May you will find that all such email addresses have been removed from all of our UK/EU Lists. 

Consent/Opt In Lists

As mentioned an opt in is NOT required when emailing to Organisations, Limited Companies and other Corporates.

If you are offered “opt in” lists containing details of Sole Traders or Consumers then please note that under GDPR prior consent is no longer a general “opt in”. For a List to be described as “Opt In” VERY specific permission relating to very specific products and very specific suppliers must have been given. The ticking of a box is specifically mentioned in GDPR as not being a sufficient ‘opt in’ under the new regulation.

APC does not offer opt in Lists and advises buyers to beware of false or misleading claims if offered so called “Opt in” Lists relating to Sole Traders and Partnerships for use after 25 May 2018 although to reiterate; an opt in is NOT required when emailing to Organisations, Limited Companies and other Corporates provided other GDPR details such as including the senders Name and Address and offering an opt out from receiving further email messages are observed.

Enforcement

At the time of writing is unclear how each national government will actually interpret and enforce these EU wide regulations particularly where they are related to Business to Business activities. In the UK which is usually one of the most business friendly member countries will all aspects of GDPR B2B legislation be strictly enforced or will warning notices be sent particularly to first time transgressors? While we hope the UK authorities adopt a commonsense approach we do not want to encourage users of our Lists to get into trouble which is why we are removing data relating to Non Companies such as Sole Traders and Partnerships from May 25, 2018 onwards.

This guidance should not be construed as legal advice; it is being provided in good faith for informational purposes only. If in doubt please consult with your legal adviser for application to your own business practices.