“Do I need consent to send a Christmas card under the GDPR?” One of the latest Google search terms trending this month.
Print companies certainly feel the festive stress, processing vast orders of corporate Christmas cards. Some people may be surprised to hear that print is not dead, people in Britain buy more Christmas cards than any other nation. Charities, in particular, use Christmas cards as a great fundraising tool, with an estimated £50 million being raised annually.
One would hope that festive cheer is enough to satisfy the ‘legitimate reasons’ clause in the regulation. Advice has come in the shape of such statements as: “You can rely on legitimate interests if you can show that how you use people’s data is proportionate, has a minimal privacy impact, people would not be surprised or likely to object and they are given the means to refuse to receive such documentation in future (NB you must adhere to any such refusal).”*
Card manufacturers are obviously eager to calm any worries and have clarified that as long as clients haven’t specifically refused to receive marketing material from the organisation then all is well with the act of festive cheer!
23 April 2019
IT Systems Impact on Staff Wellbeing
10 April 2019
Are your employees adhering to your security policies?
03 April 2019
The Morrison’s Data Breach – Revisited
20 March 2019
Beating the Recruitment Process?
18 March 2019
Data and Brexit: An Uncertain Future?
26 February 2019
Managing Behaviour Through Technology in the Workplace