The UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy for individuals.

This blog has been written to help small charities and other small organisations such as businesses, clubs and groups to understand the additional regulations around electronic marketing messages.

People can complain to us if they think an organisation has handled their data unfairly. We get a lot of complaints from people who think organisations have used their data without their permission to send them spam marketing emails and texts or to make unsolicited marketing call.         

Some people want to get promotional messages and enjoy being kept in the loop. Others don’t want to hear about every new product, service, campaign or fundraising appeal.

For many people, getting marketing by email, text or phone is a nuisance. So the Privacy and Electronic Communications Regulations 2003 (PECR) set out what you can and can’t do when it comes to electronic marketing. It’s mostly to do with respecting people’s privacy and letting them choose if they want to get your marketing.

Here’s what you need to know about PECR if you’re a small business, charity or group that wants to send electronic marketing messages.

Think about how you want to contact people

PECR restricts unsolicited marketing by phone, email, text, fax or other electronic messages. There are different rules for different types of communication. For example, the rules on making marketing phone calls are different from the rules on sending marketing emails or texts.

Think about who you’re contacting

The rules about sending marketing emails and texts are different depending on who you’re contacting and are generally stricter for marketing to individuals than for marketing to companies. For example, you’ll often need consent before you can send marketing to private individuals and sole traders. Generally speaking, you can send marketing emails and text messages to limited companies as long as you’re clear about who you are and how they can opt-out.

Don’t contact people who don’t want to hear from you

If people haven’t given their consent or have opted out of receiving your marketing messages, don’t send marketing to them. Even if they’ve opted in before, people can change their mind and decide to unsubscribe. You must respect people’s wishes and stop sending them messages if they ask you to.

If someone has told you they don’t want you to make marketing calls to them, don’t call them. You also can’t call people or other businesses if they’ve registered with the Telephone Preference Service (TPS) or the Corporate Telephone Preference Service (CTPS), unless they’ve specifically told you they want your marketing calls.

Don’t assume you can send marketing to existing customers

You can’t assume that someone is happy to get your marketing messages just because they’re an existing customer or supporter. There is a rule about existing customers, which is sometimes known as a ‘soft opt-in’. This means you can send marketing texts and emails to people who have expressed an interest in your products or services before, but only if:

  • it’s to sell something similar;
  • you gave them a clear way to opt-out of your messages when you first collected their details; and
  • you give them a chance to opt-out each time you message them.

Charities can’t use a soft opt-in for campaigning or fundraising materials.

Consider data protection alongside PECR

You must have a lawful basis to use people’s personal data. If you want to send electronic marketing messages, you might need people’s consent.

You must also tell people what you want to do with their personal data and ensure that you use their data fairly.