We update our blog with regular posts to keep you up to speed on the world of B2B data.
Posted on 18/02/2020 at 10:30By Corpdata
How does your data supplier deal with individuals’ rights - do they pass on objections?
The adherence of the processor to an approved code of conduct or an approved certification mechanism may be used as an element to demonstrate compliance with the obligations of the controller.So the code can form an important part of showing how you comply, if you adhere to it. It also signposts how the ICO will be considering topics, from basic ones, such as, what constitutes direct marketing, through to guidance on more complex issues like, what due diligence checks are necessary when sourcing a list.
What does the ICO suggest you should consider when buying or renting direct marketing lists?
Who compiled the data – was it the organisation you are buying it from or was it someone else?This extract from the draft code of practice provides a strong hint of questions you could, or perhaps should, include in your due diligence. We agree, they are very sensible! Our 'Due Diligence Disclosure Pack' answers all of these questions, and more besides.
Where was the data obtained from – did it come from the individuals directly or has it come from other sources?
What privacy information was used when the data was collected – what were individuals told their data would be used for?
When was the personal data compiled – what date was it collected and how old is it?
How was the personal data collected – what was the context and method of the collection?
Records of the consent (if it is ‘consented’ data) – what did individuals’ consent to, what were they told, were you named, when and how did they consent?
Evidence that the data has been checked against opt-out lists (if claimed) – can it be demonstrated that the TPS or CTPS has been screened against and how recently?
How does the seller deal with individuals’ rights – do they pass on objections?
Choosing Corpdata as your supplier helps your compliance
A reputable third party should be able to demonstrate to you that the data is reliable. If they cannot do this, or if you are not satisfied with their explanations, you should not use the data.
Pro-tips: Spreadsheets and data cleaning
Do you need to register with the ICO?
Controversy over wording leading to uncertainty
What the law says
Who needs to register
Posted on 04/02/2020 at 10:30By Corpdata