GDPR and Marketing: What it Means for Consent

Despite not seeming like the most obvious connection, GDPR and marketing actually going hand in hand.  The new regulations come into effect on the 25th May 2018, so it’s important to understand what it will means for your marketing efforts.

The ICO has already announced that failure to adhere to the new GDPR regulations could lead to fines of 2-4% of annual turnover or 20m Euros – whichever’s highest! So, if you use personal information as part of your marketing, then take heed.


GDPR defines consent as “freely given, specific, informed and unambiguous indication of the data subject’s wishes, by which a statement or clear affirmative action, signifies agreement to the processing of personal data relating to the subject.”

So the key questions to ask yourself is: do you have explicit consent to use the data? In other words, has the individual given you permission to use their data for the purpose you’re using it for? Bear in mind that if this is ever queried, you will need to prove permission was given.

Effectively, you can no longer rely on silence, inactivity or pre-ticked boxes – consent must be freely and wholly given. Plus, you must have a process in place so that the individual knows how they can withdraw consent at any time.

If you process data for any of your marketing, the onus is on you to make sure that it fulfils the new GDPR regulations before D-Day. And while May 2018 may seem a million miles away, this is just one aspect of many that needs to be complied with. So why not get a head start on your compliance and avoid the last-minute rush.

If you want to see how we can help you transition to comply with the new GDPR rules, get in contact today.