“Do I need consent to send a Christmas card under the GDPR?” One of the latest Google search terms trending this month.
Print companies certainly feel the festive stress, processing vast orders of corporate Christmas cards. Some people may be surprised to hear that print is not dead, people in Britain buy more Christmas cards than any other nation. Charities, in particular, use Christmas cards as a great fundraising tool, with an estimated £50 million being raised annually.
One would hope that festive cheer is enough to satisfy the ‘legitimate reasons’ clause in the regulation. Advice has come in the shape of such statements as: “You can rely on legitimate interests if you can show that how you use people’s data is proportionate, has a minimal privacy impact, people would not be surprised or likely to object and they are given the means to refuse to receive such documentation in future (NB you must adhere to any such refusal).”*
Card manufacturers are obviously eager to calm any worries and have clarified that as long as clients haven’t specifically refused to receive marketing material from the organisation then all is well with the act of festive cheer!View More Articles
- 22nd July 2019The Human Element of Data Security
- 15th July 2019Third Party Data Protection
- 10th July 2019Two Fines in Two Days – ICO Plans to Fine Marriot £99m
- 10th July 2019ICO Issues A Record Fine for BA
- 2nd July 2019Do You Have True Visibility of Your Data?
- 18th June 2019Reduce Your Exposure to a Data Breach
- 15th May 2019Organisations Relationship with Cybersecurity and their Workforce – In Scope
- 9th May 2019Subject Access Requests
- 1st May 2019Data Discovery
- 26th April 2019Defence In Depth