When seeking referrals off people in my networking group, what information is safe to gather? So, let’s say, for example, I ask Bob for referrals of our ideal client. Bob knows somebody who may be interested in our service – so passes us their contact details. Is this safe?
Samuel Poole Marketing Communications Manager Syn-Star Complete I.T. Solutions
Great question, actually in Data Protection terms it is not safe to do this unless certain things are in place.
Essentially when dealing with personal information such as contact details the person who decides what to do with the information is a data controller, in this case, Bob.
The data controller has to “process” personal data fairly (processing includes passing it to a third party i.e. you). They also have to have one of six lawful reasons to be able to process the data. The most appropriate one of which in these circumstances is the consent of the data subject. This has to be GDPR compliant consent i.e. given freely, not under duress and in full knowledge of what they are consenting to.
The data controller also has to give “privacy information” explaining how the subjects data will be used. There are specific things that have to be included in this information which often takes the form of a notice, but can also be given verbally depending on the circumstances.
It is incumbent on you to check that the necessary consent is in place for the use you wish to make of the data before acting on it.
Of course, once the information comes into your hands for marketing purposes you become a data controller, in addition, you will need to comply with the Privacy and Electronic Communications Regs in relation to electronic marketing messages (phone, fax, email or text).