Working within GDPR
On this page, we discuss the European Union’s GDPR rules, what they mean and how we can safely work within them.
Marketwise Mini Guide to GDPR
The General Data Protection Regulation (GDPR) brings all EU member states under a common framework regulating data protection. The law applies to anyone, where ever they are located, if they are handling data of EU citizens. The UK will continue to use GDPR rules after Brexit, until and if it is replaced by a new law. The Information Commissioners Office (ICO) is the official body responsible with ensuring UK compliance with the GDPR.
For detailed information, please refer to the https://ico.org.uk/ website.
GDPR only applies to “Personal information”. Personal information is defined in lengthy detail, but suffice to say, names, email addresses and other contact details definitely meet the definition.
Data Controllers v Data Processors?
Marketwise is a Data Controller. This means we are responsible for the appropriate storage and handling of the personal data that we hold. Marketwise is not responsible for data held by our customers. If you collect personal information on a landing page for example, it is your responsibility to work within GDPR for that data.
Legal Consent for GDPR
In order to send information to contacts, some sort of consent is required. If no opt-in is available, Marketwise relies on “Legitimate Interest” consent. This provision allows for relevant and reasonable information to be communicated, which is not more easily communicated in some other way. Your marketing messages must meet these tests. Marketwise will conduct a Legitimate Interest Assessment (LIA) before we process your message and record the result.
So long as the message you are sending is relevant to the recipients, you are ok to send. Marketwise will review the message for relevance. Untargeted messages fall into the spam category and are ignored or often automatically filtered out. With Marketwise’s highly specialised scientist database and ability to create a tightly controlled list of prospects, no violation of GDPR should occur.