They had recently returned from the ICO Conference in Manchester (held to launch their consultation on the new online code) where Jenny had been asked to speak by the Information Commissioner no less.
We thought we would take the opportunity to ask for an ‘official word’ from such luminaries on an area many email marketers often ask about…
“What are the data protection implications of collecting ‘refer a friend’ data?”
Viral campaigns that are designed to collect data can be viewed as a murky area by some. Refer-a-friend schemes work well and can be a great source of new email addresses but there are indeed some legal hurdles to overcome.
True to style (Rosemary is ex-Chair of the DMA ) Rosemary brought clarity, which I’d like to share in this blog.
The legal rules you need to know
The data protection issue relates not to the initial individual, who can give permission for their details to be used in the normal way, but to the recipient who could be completely unaware that their personal data is being processed.
Advice from the DMA suggests that any individual whose details have been obtained via another individual should be advised as soon as possible, and not later than with the first email marketing communication, that their information is being processed and given the right to object to processing.
For charities, this would have to be an opt-in.
Things to remember when using refer-a-friend to collect email addresses:
- The referrer should be told if you want to name him when you contact his friend
- Data collected by referral can be used only once until you get consent
- The referred person must be asked for their permission for any future uses (this has to be via an opt-in mechanism)
- Non responders cannot be contacted again
- You can incentivise response and sign up
For more advice go to http://ico-consult.limehouse.co.uk/portal