EDIT: JAN 2021
N.B. Brexit has changed things considerably when it comes to B2B email marketing from UK to EU – if you want to discuss how you manage your marketing strategy outside of the UK and stay compliant email us on info@legaledge.co.uk
GDPR was supposed to be a nightmare for email marketing. Some marketing teams were told to delete whole mailing lists, or try to get every single person’s consent before 25th May. Here Dr Bostjan Makarovic, founder of Aphaia, outsourced Data Protection Officers, has worked with us to reassure you that this wasn’t needed, and that B2B email marketing is still OK…
In the UK, you can still send B2B marketing emails (including to john.smith@company.co.uk, even if you don’t have consent from John Smith), provided you have what’s known as a ‘legitimate interest’. This is where you’ve assessed your company’s interests against those of the individuals and can show their interests aren’t overridden (which for a normal B2B email marketing campaign should be fairly easy).
This is the case if you’re based in the UK and run the campaign from a UK company, in which case it’s also ok to send emails to people in other countries.
However, if you’re based in another European country you will need to check the law in that country. Because many treat B2B email marketing the same way as B2C, which has a higher level of scrutiny. In Italy and Poland, for example, you need to have the consent of those you want to email (which is difficult if you can’t email them – right?!). Some countries, such as Netherlands and Spain, are ok for you to email people if you can show you obtained their email address ‘in the context of the sale of a similar product or a service.’ Germany seems to have adopted the strictest approach, requiring a ‘double opt-in’ for both B2B and B2C email marketing.
In any event you must always give people an easy opt-out and then act on it – ensuring you keep track of those who have opted out so you can’t/don’t re-contact them.
Other top tips:
- Include the full company name in emails to avoid any claims of false or concealed identity.
- Ensure people can reply to the email, or give another clearly visible contact email address so people can exercise their privacy rights.
- Have a GDPR compliant privacy policy that is clearly accessible from the emails sent or at least from your website.
- If you decide to seek people’s consent, keep in mind that the consent may be withdrawn at any time and that you need to tell that person of their right to do so when you ask for
- To rely on legitimate interest ensure you have conducted and documented a Legitimate Interest Assessment.
- When sending emails from the UK to those in other countries whose laws are stricter, be mindful that people might still be unhappy….and be sensitive to their requests.
Finally, we need to stress that there is ANOTHER update to the electronic communications and marketing laws looming, which could change the current position AGAIN. Worst case, the new ePrivacy Regulation is expected to impose the same rules for most B2B and B2C marketing. But, to further complicate matters, with Brexit looming too, we don’t know whether the UK will implement the EU Regulation or not, so all we can say at this point is, don’t panic, and we’ll keep you posted.
If you want to discuss any of the above in more detail, please do not hesitate to get in touch.
Article co-written by LegalEdge and Aphaia, October 2018
