I don’t think that’s quite true. Your advice is based on materials from the IAPP, which is neither a regulator or the most accurate source of information. Though the ICO isn’t always reliable, their guide to Direct Marketing is clear and I would say rules out this scenario altogether. I think following the regulator’s approach, especially given their enthusiasm for enforcement in this area, is the most sensible approach rather than ‘zero risk’. The risks of choosing IAPP training manuals is admittedly much higher.
Of course, any organisation might decide to say ‘we’ll do this unlawful thing because we’ll probably get away with it’, but that’s a very different conversation.
Tim Turner
2040 Training
www.2040training.co.ukCan't argue with Tim on that, that's the zero risk option. If you want to cut it any other way I think you'll be introducing risk, how much risk and whether or not it's worth it will be for your team to decide.
All archives of messages are stored permanently and are available to the world wide web community at large at http://www.jiscmail.ac.uk/lists/data-protection.html
Selected commands (the command has been filled in below in the body of the email if you are receiving emails in HTML format):
All user commands can be found at https://www.jiscmail.ac.uk/help/subscribers/subscribercommands.html and are sent in the body of an otherwise blank email to [log in to unmask]
Any queries about sending or receiving messages please send to the list owner [log in to unmask]
(Please send all commands to [log in to unmask] not the list or the moderators, and all requests for technical help to [log in to unmask], the general office helpline)