Find out how does GDPR affects contact data gathering services, SDR outsourcing and other email marketing services so you can avoid legal problems when using them.

 More than two months have passed since the European Union’s GDPR law was implemented in late May. For a couple of months, there was widespread panic and not enough understanding of how it will actually work. Two months later - not much has changed.

We have witnessed several online services shutting down to EU users. The panic made way to another layer of uncertainty and not understanding what GDPR is all about.

For us at Market Republic this meant a lot of talk about GDPR with our (potential) clients. They have been asking us about GDPR compliance, as well as about how they should act in regards to their EU-related sales and marketing activities.

Should you care about GDPR?

Before going further, it’s important to point out - GDPR applies to all companies worldwide when they collect and use data about European Union citizens.

If you are collecting data about people from other regions - GDPR does not apply, but you should be aware of any similar local regulation.

How GDPR affects our services

EU introduced GDPR to help its citizens protect their privacy. We can argue if this was the right move, especially for B2B sales and marketing, but right now there is nothing left to do but to adapt to it.

To make sure our services and business processes are set up in compliance with GDPR - we decided not to rely on our own understanding of this regulation, but to talk with experts from the BDK law office.

There are two main services in our portfolio that are relevant in terms of GDPR compliance. These two are:

  1. Account and Contact data  list building and

  2. SDR outsourcing.

When we create a contact data list for a client, or work on updating an existing contact list, we are working with the names and e-mail addresses of people employed at relevant companies.

Since this information can be used to identify a specific person, they are covered by GDPR.

On the other hand, when we send out sales and/or marketing emails on behalf of our client to a ready lead list - we are using those same email addresses, which again falls under the purview of GDPR.

In both cases, GDPR defines Market Republic’s role as a Data Processor and our client’s role as a Data Controller.

This means that we act on behalf of our client and in accordance with their instructions, thus having a lower level of responsibility on how this data is used.

How to send emails regarding GDPR (and when you shouldn’t)

As explained in a brief by our legal experts, we as a Data Processor as well as our clients, can freely collect contact data about the leads for our clients. This means when we create a lead list for a client - we are in compliance with GDPR.

But, depending on the EU country where leads are located, using this data may be problematic.

To make sure you are using this data properly, you should always notify people added to the list about how their data was collected, how it will be used, and what are their rights.

Also, when you want to send emails to email addresses collected, there is no uniform approach for the whole European Union.

In some countries - United Kingdom, France, Finland, Ireland, Sweden, for instance - you can send sales and marketing emails to a person’s business email address if its relevant for them.

This means there is a legitimate interest to offer them your products or services, with the understanding that they or their company can use it, and that this is the relevant person in terms of deciding about acquiring said product or service.

In some other countries - Germany, Austria, Spain and Italy - sending such emails is possible only after getting prior consent.

And in some cases, this also applies to sending sales and marketing emails to a generic, non-personal corporate email address.

GDPR compliant contact list building services on demand

To conclude - our services and processes are GDPR compliant. We can create a contact list for you and we can send sales emails on your behalf.

Our clients, as Data Controllers, should make sure their lead lists are used in compliance with GDPR by notifying people added to their lists as soon as possible.

To anyone looking for potential clients in the European Union, we would recommend talking to legal experts, like we did.

If you are looking for a way to spark your sales in the EU with contact list building or SDR outsourcing, but without getting into legal problems you can be sure Market Republic is the right choice.

Let’s talk about how we can help your sales grow - contact us.


Share on:

NOTE! This site uses cookies and similar technologies.

If you not change browser settings, you agree to it. Learn more

I understand