So we’ve covered who the ASA is and what they do, and why you need to be aware of the advertising rules.
So what about the ICO.
Who are they?
The ICO or the Information Commissioner’s Office is the regulatory body for information rights in the UK.
The Information Commissioner, currently is John Edwards, started in January this year and works with a management board.
There are 4 offices, one in England, Scotland, Wales and Northern Ireland.
They oversee a number of pieces of legislation, including relevant to marketing, the Data Protection Act 2018, the General Data Protection Regulation 2018 and the Privacy and Electronic Communications Regulations 2003 as amended.
What do they do?
They police the rules and regulations governing how and when personal data can be used in your marketing activities.
There are specific rules covering the channels of communications used by marketers, so direct mail, telephone, email, sms and fax.
Here’s a handy table to give you an overview of the permission rules in a nutshell:
Then, there are the Mail Preference Service (MPS), the Telephone Preference Service (TPS), the Corporate Telephone Preference Service (CTPS) and the Fax Preference Service (FPS) to consider.
These are the suppression files where an individual can object to receiving marketing in general. You need to screen against these files before sending out your marketing campaign,
Compliance with TPS, CTPS and the FPS is a legal obligation. The MPS is run by the Data and Marketing Association (DMA) and screening against it is mandatory for DMA members only. However, many brands comply voluntarily as it is seen as best practice.
If a complaint is made about the use of personal data, the ICO will contact the marketer. They will be asked to answer questions on how they acquired the personal data and to prove they had permission to send the marketing. If you hear from the ICO, they will also ask about the marketing campaign, wanting details of how many emails were sent or telephone calls made, and a host of other information about your data protection procedures.
And that’s who the ICO is and what they do.
Next time…
… why you should be aware of what you can and can’t do with the personal data in your marketing activities, and the penalties for ignoring them (which, spoiler alert, can be eye-watering!)