ePrivacy
ePrivacy Regulations and Electronic Marketing (Newsletters and External Communications)
When you undertake communication and/or marketing activities, you need to pay attention to two key pieces of legislation: GDPR and the ePrivacy Directive.
A new ePrivacy Regulation is due to come into force soon. It is intended to better complement the GDPR and to bring greater harmonisation across Europe.
What is direct marketing?
Direct marketing involves a person being targeted as an individual, and the marketer attempting to promote a product or service, or attempting to get the person to request additional information about a product or service. In addition to attempts to promote a product or service, direct marketing also extends to other promotional content such as, for example, promotional messages for events, even free events offered by organisations, including universities.
If the communication is organisation internal and part of a person's role and work for UCD, then it would not always fall under the ePrivacy Regulations.
For many communications it is likely that you will need the recipient’s consent. If this is the case, then you need:
- To keep a record of the consent
- To keep a record of what exactly was consented to
- To keep a record of the date & format of the consent
If your communication is based on consent, then you have to give the recipient the opportunity to retract their consent at any time as easily as it was given.
If consent is retracted, then you need:
- To keep a record of the retraction
- To keep a record of the date & format of the retraction
- To stop sending communications to this recipient
Further Information:
- EDPB - (opens in a new window)ePrivacy interplay with GDPR
- DPC - (opens in a new window)Rules for Direct Electronic Marketing
- DPC - (opens in a new window)FAQ on Consent for Electronic Direct Marketing
- DPC - (opens in a new window)Children Front and Centre- Fundamentals for a Child-Oriented Approach to Data Processing