Business to Business marketing

The GDPR covers information that identifies individuals only, so any business to business marketing would not be covered as long as the details are generic and don’t identify an individual.

So if the email address was sales@businessname.co.uk that would be fine, no individual is identified, however if your contact is j,bloggs@busniessname.co.uk then you are identifying an individual and therefore GDRP does apply.

That doesn’t mean you can’t send marketing materials to them, there are several basis for consent that could apply depending on the situation, as long as the information you’re sending is relevant, expected and not intrusive.

Business Cards

The GDRP will apply to business cards if they contain an individuals personally identifiable information, like their name (and what business cards don’t have names on them!) and if you store them in an ‘organised filing system’

That could apply to a filofax, rotadex or similar system, or if you input the details into a digital storage system, like your phone or PC address book. It’s slightly less clear if the information is ‘stored’ loose in your draw or desk.

Again, the GDPR offers means to ‘store and process’ this information in this way, you just have to be aware of it and make sure you don’t use the information in a way that would be unexpected. It might be expected to pass the details onto an interested third party, say a work colleague, who might want to make contact with the individual. It would probably not be expected for you to pass that information onto a third party marketing company that has no relation to you or your business.

#WeCanHelp

tinsleyNET IT Servces Consultants #WeCanHelp

There’s a lot of work that needs to be done getting GDPR compliant, we can take the burden off you and create the policies, documentation and processes you need to make sure your organisation is compliant.

We can continue to support you by processing your incoming user requests and monitoring your processes to make sure your organisation remains GDPR compliant.

Contact Us Today!

GDPR General Data Protection Regulation

Some of the GDPR specific services we offer include:

  • Data Protection Officer Services
  • Policy Writing
  • Data Handling
  • ICO Registering
  • Process Monitoring
  • Process Assessment

General Data Protection Regulations

Data Protection Act 2018

The GDPR UK implementation and the UK Data Protection Act 2018 govern how organisations can process personally identifying information.

If your organisation needs to process personal information, it needs to be registered on the ICO database, and have a Data Protection Policy in place detailing the use of personal information.

Personal Information is any information that can identify an individual, such as employee names, customer id’s or CCTV footage.

If you need help assessing your GDPR compliance, contact us immediately for a GDPR review.

GDPR General Data Protection Regulation Logo

16 Comments

Bill B · August 15, 2019 at 7:52 pm

Do you write GDPR policys for business to business? We’re a small business that needs some help.

Vanessa Cander · August 11, 2019 at 1:58 am

We’ve had an email from the ICO, can you help us?

Zack Barnstome · August 2, 2019 at 9:39 am

This doesn’t make it clear if using my phone to call businesses is ok or not?

    tinsleyNET Admin · August 2, 2019 at 10:02 am

    Hi Zack, I’m not sure what you mean here. If you’re asking ‘can I still store details in my phone book and make phone calls to them’ then the answer is most likely ‘yes’
    If you’re speaking as a member of the public, then you don’t directly fall under GDPR.
    Perhaps you can give some more information on what you need help with?

Elza Allsopp · August 2, 2019 at 4:03 am

I don’t think the law applies to email or to business cards as you say, its not something that the police can do anything about anyway.

    tinsleyNET Admin · August 2, 2019 at 9:59 am

    Hi Elza. The GDPR applies to any personally identifiable information relating to an individual citizen of the EU.
    What that means is that any information (digital, printed, written, spoken or any other type) being processed or stored that can be used to identify an individual person in the EU is covered, this includes processing by transmission by email or storage of businesses cards with personal information on them.
    Each country has its own Data Protection Agency that oversees the enforcement of the GDPR, this is usually maintained through reportes of breaches of the regulations from members of the public or other businesses.
    As to whether the Data Protection Agency actively follows up a report is up to them, obviously they don’t have the resources to follow up every single report but you can imagine if an organisation has multiple reports of data security breaches against it, it’s more likely to be investigated. The ICO in the UK have already shown they’re ready and willing to prosecute if needed, with several successful prosecutions under the GDPR already.
    But at the end of the day, the nature of the data that the GDPR is designed to protect is such that even without such regulations, organisations and individuals should have enough sense of responsibility and respect of other people’s information that they don’t misuse it.

Benedict R. Balum · August 2, 2019 at 2:11 am

Does this mean I can not sent emails to people I work with in the Europe? I email them daily and send them information by email, will this be affecting me doing that?

    tinsleyNET Admin · August 2, 2019 at 9:50 am

    No, the GDPR is not designed to prevent emails being sent, only the protect any personal information in the emails being intercepted or misused.
    If you need to contact an individual in the EU, make sure you have a valid reason to have their contact information in the first place, and to make contact with them. If your basis is consent driven make sure they are given the option to opt-out as easily as they opted in to receiving your emails.
    If you are sending additional personal information or any information that is classified as ‘special category data’ make sure you take all reasonable precautions to protect that information from being accessed unlawfully, this could mean using encrypted emails or encrypted attachments. If you’re using password based encryption, make sure you have a procedure in place to securely transmit the password to the recipient separately from the email.

Alberto Puff · July 28, 2019 at 12:49 am

You really make it seem really easy with your presentation however I find this topic to be really something that I think I would never understand. It kind of feels too complex and very vast for me. I am taking a look ahead to your subsequent put up, I’ll try to get the dangle of it!

    tinsleyNET Admin · July 29, 2019 at 11:03 am

    If you need help with getting your business GDPR compliant, we can help. We can assess your business as it is and identify all the areas that fall under GDPR, we can write your GDPR policy files and help you make any changes to comply with the GDPR requirements.

Stephaine Scherbarth · July 19, 2019 at 10:35 pm

Ive learn some just right stuff here. Certainly worth bookmarking for revisiting. I surprise how much attempt you place to create this type of magnificent informative website.

Mack Farias · July 19, 2019 at 9:37 pm

everything is very open with a precise description of the challenges. It was really informative. Your website is extremely helpful. Thanks for sharing!

Irina Sowa · June 24, 2019 at 8:36 pm

We’re a group of volunteers and starting a brand new scheme in our community. Your site provided us with helpful information to work on. You’ve done a formidable task and our entire community can be thankful to you.

Joesph Yoquelet · June 22, 2019 at 12:49 pm

Hey There. I found your blog the use of msn. That is a very neatly written article. I’ll be sure to bookmark it and return to read extra of your helpful info. Thank you for the post. I will certainly comeback.

What are your thoughts?