GDPR Myth Busting – Using professionals to deliver marketing services takes away the worry

If you pay a third party to do your marketing, you are both responsible for complying with GDPR and the Privacy & Electronic Communication Regulations.

If the ICO were to take enforcement action, they would usually take it against the ‘instigator‘. If a specialist subcontractor deliberately ignored the rules they might also consider taking action against them.

Whatever the situation it is a legal requirement to have a written GDPR compliant agreement in place, with suppliers that have access to your personal data. It needs to set out your contractor’s responsibilities and if possible, guarantees of compliance.

Find out more