Direct Mail Campaigns – Data Requirements

GDPR

On the 25th May 2018 the existing rules governing the use of data will be replaced by the General Data Protection Regulations (GDPR). Anyone that keeps data on their customers or uses data for marketing needs to be familiar with the new rules and we recommend contacting the Information Commissioners office (the ICO) for further guidance.

For Clients who supply their own data to Fine Print
Direct mail campaigns that we undertake on your behalf mean that we now act as the “data processor” for GDPR purposes and you are now called the “data controller”. The new legislation requires updated contracts to be drawn up between the two.

Many of you have already been busy working on your own contracts and we have been happy to sign these and return when requested. If you are in the process of raising your own GDPR contracts, we will be happy to complete these before the deadline on 25th May. Without this contract we will not be able to complete direct mail campaigns for you from the end of May.

For Clients who supply someone else’s data to us
When we undertake direct mail campaigns on behalf of someone we are now acting as a “data processor” for GDPR and they are now called the “data controller”. The changes require updated contracts to be drawn up between the two. If you are using Fine Print Services Ltd to undertake your clients direct mail campaign, then there are two options…………

a)  You can put us in touch directly to the client and we will draw up a data processing agreement between us.

Or

b)  If you would rather maintain more direct control, then you can draw up a data processing agreement between yourselves and your client. If you  do this, you need to be confident that you can meet the requirements. You also need to tell the client that you are passing their data onto a third party (Fine Print Services Ltd). As well as an agreement between you and your client we will also require a signed agreement between you and us.

Which ever route best fits your own requirements please be aware that we need contracts completed and signed before 25th May otherwise we will not be able to complete direct mail campaigns after this date.

For Clients who supply someone else’s data to us
In addition to a new agreement there are a multitude of responsibilities that come into play. These mostly reflect the gathering of the data, the security of it and reporting breaches. From a direct mail point of view there are two important changes.

  • Data Sources. Fine Print become jointly liable if data has been inappropriately sourced so if we have any concerns about the suitability of the data provided to us we will challenge this and refuse to accept the data if we are in any doubt as to the integrity of the souce.
  • Please follow these three simple procedures when supplying data to Fine Print:
  • Only send us what we need. If our mailing requires only Names & Addresses (which is our most common requirement) please do not send us additional fields such as telephone numbers, email address, gender and dates of birth.
  • Password protect your database using standard Excel procedures
  • Always send us your password in a separate email to the data. To avoid ever transmitting passwords we would be happy to agree a fixed password with you for ongoing use.