Blog

What the ‘charitable purpose soft opt-in’ means and how to prepare. Charities will soon be able to send marketing emails or texts about their charitable purposes without getting explicit prior consent, as long as they meet certain conditions. This change is expected to take effect in January 2026. It’s a significant shift, made possible by […] [...]

Cyber Security Awareness Month October is Cyber Security Awareness Month and you may think you’ve heard it all before but hearing it and doing it are two different things. In this blog we we’re going back to basics with the Core 4 – four simple steps anyone can take to protect themselves, their business and […] [...]

When personal data is destroyed, it can have serious consequences, not just for the organisations responsible, but for the people affected. Destruction of personal data is a vital part of the data lifecycle and under data protection law, organisations shouldn’t hold on to personal information longer than necessary. In practice, that means clear retention schedules […] [...]

Sensitive Data and Vulnerable People What We Can Learn from Recent ICO Audits We’ve spotted a theme in three recent ICO audits, all of which focus on organisations that support some of the most vulnerable people in society. From secure children’s homes to women’s refuges and youth justice settings, these services often handle large volumes […] [...]

Do you know your business data basics? Last month we created a series of social media posts, The 12 Days of Data Christmas, sharing the key things you need to do and have in place to ensure you have your data essentials in order. As your time is precious, we have created this blog with […] [...]

This is the last in our blog series looking into data compliance when you are marketing by email. In our previous posts, we looked at the laws that apply when marketing using personal data and introduced the fictitious company All Things Stationery to help as we took a deeper dive into PECR and GDPR. If […] [...]

Welcome to part 3 of our email marketing blog series. If you haven’t read the first two posts yet, we highly recommend you start at the beginning otherwise this may not make sense!  Last time we looked at PECR – do you remember what it stands for? Yes – Privacy & Electronic Communications Regulations 2003, […] [...]

In our last blog post, we looked at An Introduction to Email Marketing. In this blog we're exploring what PECR is and what it means in terms of data compliance in your business. [...]

Direct marketing by email is a great way to reach potential and existing clients, showcasing your knowledge, products and/or services. However, when the ICO Direct Marketing Code of Practice stands at 124 pages long, it can seem like a minefield, and you’d be forgiven for giving up. In this series of blogs, I’ll guide you […] [...]

This reference guide gives you an overview of the terminology used in marketing compliance. The following are extracts taken from the Information Commissioners Office Direct Marketing Code of Practice What is the definition of direct marketing? The definition of direct marketing is in section 122(5) of the DPA 2018: “direct marketing” means the communication (by […] [...]