What does Corpdata Ltd do?

Corpdata Ltd supplies GDPR-compliant B2B marketing data for UK companies, used for direct marketing campaigns.

Is Corpdata's data GDPR compliant?

Yes, all Corpdata business data is processed in line with GDPR and maintained for accuracy and compliance.

How is B2B data compiled?

B2B data is compiled using multiple sources including publicly available data, company websites, and data modelling techniques to ensure accuracy and coverage.

Due diligence in data sourcing

Posted on 09/07/2024 at 10:30By Corpdata

Under UK data protection law, you are accountable for the personal data you process — regardless of where it came from. If your data supplier cut corners, the liability does not stay with them.…

What to ask before you license B2B data

Under UK data protection law, you are accountable for the personal data you process — regardless of where it came from. If your data supplier cut corners, the liability does not stay with them. It follows the data to you.

This makes due diligence more than a compliance exercise. It is a commercial decision about risk, reputation, and campaign effectiveness. Here are the questions that matter.

Where does the data come from?

This is the most important question, and the one most often left unasked. There are broadly three sources of B2B contact data:

Telephone researched: A person called the organisation, spoke to someone, and verified the details. This produces the most accurate and current data, but it is expensive and time-consuming to maintain.
Compiled from public sources: Data assembled from Companies House filings, websites, directories, and other published information. Often accurate at the company level but unreliable for individual contacts, since nobody verified whether that person is still in post.
Scraped or harvested: Data collected automatically from websites, social media profiles, and online directories. Volume is high. Accuracy, currency, and compliance are often low.

The method of collection directly determines the quality of the data and the legal basis on which it can be used.

What is the lawful basis for processing?

For B2B direct marketing using third-party data, the most common lawful basis is legitimate interest. This requires a documented Legitimate Interest Assessment (LIA) demonstrating that the marketing activity is proportionate and that the data subjects’ rights are respected.

Ask your supplier whether they can provide LIA documentation. If they cannot, or if they claim their data is based on “consent” collected by a third party, proceed with caution. The ICO has made clear that consent chains are fragile and frequently invalid.

How current is the data?

B2B data degrades quickly. People change jobs, companies move, phone numbers change. A record that was accurate six months ago may not be accurate today. Ask your supplier how frequently their data is verified and what the average record age is.

How are objections handled?

When a data subject objects to their data being used for marketing, that objection must be respected — not just by the supplier, but by every user of the data. Ask your supplier how objections and suppression requests are processed and how quickly they are reflected in the data you license.

The practical test

If your data supplier cannot clearly answer these questions — where the data comes from, how it is maintained, what the lawful basis is, and how preferences are respected — that tells you something important about the quality and safety of what you are buying.

Good data does not just perform better. It protects you, your reputation, and the people you are contacting. Due diligence is the mechanism that makes that visible before you commit.

Keep up to date with us