The guidance is aimed at those responsible for data protection within public sector organisations.
Direct marketing is broad and covers all types of advertising or marketing that is directed at individuals. It involves any type of communication including emails, text messages, direct messaging on social media and more traditional methods such as phone calls and post. It includes commercial marketing (eg the promotion of products and services) as well as aims and ideals (eg fundraising and campaigning).
Any sector or type of organisation is capable of engaging in direct marketing. However the majority of messages that public authorities send to individuals are unlikely to constitute direct marketing.
Anthony Luhman, ICO Director, said:
“If you work in the public sector, the law doesn’t stop you from sending promotional messages when they are necessary for your task or functions. However there are times when the direct marketing rules will apply and we want to help the public sector get it right.
“Our new guidance will help you understand how to send promotional messages in compliance with the law. Done properly the public should have trust and confidence in promotional messaging from the public sector.”
If a message is direct marketing, public authorities need to comply with the marketing rules in the Privacy and Electronic Communications Regulations (PECR) if they are using electronic communications (eg phone call, email, text message).
However, regardless of whether a promotional message is direct marketing or not, public authorities must still comply with the requirements of the UK GDPR.
Mr Luhman said:
“It’s important to be transparent about what you intend to do with people’s personal data including telling them about the types of messages you want to send.”
The UK GDPR also gives people a right to object and this may apply even if your promotional message is not direct marketing. The new guidance has more details on when this right may apply.