UK B2B Email Data

Which Lawful Basis?

We identify ‘Legitimate Interest’ as the most appropriate lawful basis for processing our third party B2B marketing data. Direct marketing is recognised as a legitimate interest in GDPR recital 47.

How was this explained on collection?

Our online business directory and preference centre, 5mins.co.uk captures, legitimises, verifies and updates the corporate data on our file. On collection it was/is explained to each individual what their personal information would be used for. The 5mins Site Subscriber Privacy Policy is accessible directly on this link: https://www.5mins.co.uk/SubscriberPrivacy.aspx.

Do we use a Layered Privacy Policy?

On collection of the data we use a layered privacy policy with the most important information upfront. This is designed to be transparent and clear with concise language.

How are individuals informed of what we do with their data and how they can refuse marketing?

We send a regular data privacy notice by email reminding individuals of what personal information we hold and what we do with their data. The email includes a link for them to update their personal information and preferences within the 5mins preference centre. At this point they are also reminded of their right to object to processing and provided with the opportunity to unsubscribe. This gives them control over their information.

What do you need to do?

If you purchase B2B email data you will need to do your due diligence on your suppliers. We can assist you with documentation that will help you gather the necessary information. With sales of our prospect B2B email lists we to provide our clients with a copy of our data due diligence documents before purchase. We can also help with running balancing tests that ensure you are correctly targeting the right contacts. We can advise on any other necessary processes such as sending a data privacy notice on immediate purchase of an email list. We aim to help our clients as much as possible so that they understand the process and implications of GDPR.

What do we need to do with our clients?

We clearly have a responsibility to comply with the new law ourselves. This includes the need to ensure that, when we share personal data with you, it will be in good hands. Therefore we have to do our own due diligence on our customers. You will notice that we are asking you more questions, for instance about your lawful basis and data processes.

In summary

In summary, we are GDPR compliant with the UK B2B email data we supply because we do the following:

1. We are clear with individuals why we need their data at the point of collection
2. We always use clear and concise language appropriate for our target audience
3. We give individuals control over their data. They are always able to decide whether to share their personal data with us or not

Under the GDPR principle of accountability, Emailmovers is able to demonstrate that we are compliant. We always record the legal grounds for processing an individual’s personal data

UK B2C Email Data

Emailmovers acts only as an introducer in relation to business to consumer marketing.

Data OD Ltd | Data On Demand – https://dataondemand.co.uk/privacy-policy/

Data OD Ltd, Platform, New Station Street, Leeds, LS1 4JB

ICO: ZA231384

UK Reg No: 10183365

Latch Media Ltd | http://latchmedia.co.uk/privacy

Latch Media Ltd, Kemp House, 152 – 160 City Road, London, EC1V 2NX

ICO: ZA248834

UK Reg No: 10739395

See also our B2C Data Processing Privacy Notice page.

European B2B Email Data

We have been doing due diligence on our UK and overseas suppliers to ensure that their data collection is compliant with GDPR fair processing policies, and that their systems are robust enough to be able to deal with the rigours of GDPR such as SAR’s.

Which Lawful Basis?

The European third party B2B data we provide is processed under the legal basis of ‘Legitimate Interest’. Direct marketing is recognised as a legitimate interest in GDPR recital 47. In the B2B environment it can be assessed that sending relevant promotional materials to data subjects in their job roles will be appropriate.

How are individuals informed of what we do with their data and how they can refuse marketing?

• Our suppliers using LI have been sending messages to their European data subjects informing them of what data is held on them and why it is being held.
• Data subjects have been given the opportunity to opt-out.
• Data subjects have been given the opportunity to study the suppliers Privacy Policy.
• Data subjects have also been informed that third parties may use the data on the grounds of Legitimate Interest.
• Data subjects have been kept informed, offered opportunities for the processing not too happen, and offered extra information about their rights.

What do you need to do?

In preparation and post 25th May we will be assisting our clients in doing their due diligence. With future sales of prospect B2B email lists we are going to provide our clients with a copy of our data due diligence documentation before purchase. You will be expected to do an Impact Assessment to assess if your processing is relevant and appropriate. We will help with running balancing tests that ensure you are correctly targeting the right contacts. We can advise on any other necessary processes such as sending a data privacy notice on immediate purchase of an email list. We aim to help our clients as much as possible so that they understand the process and implications of GDPR.

What do we need to do with our clients?

We clearly have a responsibility to comply with the new law ourselves. This includes the need to ensure that, when we share personal data with you, it will be in good hands. Therefore we have to do our own due diligence on our customers. You will notice that we are asking you more questions, for instance about your lawful basis and data processes.