Sign Up

What is 8 + 4?

Have an account? Sign In Now

Sign In

What is 8 + 4?

Forgot Password?

Don't have account, Sign Up Here

Forgot Password

Lost your password? Please enter your email address. You will receive a link and will create a new password via email.

What is 8 + 4?

Have an account? Sign In Now

Please type your username.

Please type your E-Mail.

Please choose an appropriate title for the question so it can be answered easily.
Please choose the appropriate section so the question can be searched easily.

Type the description thoroughly and in details.

What is 8 + 4?

Sign InSign Up

Watercooler by DPOrganizer

Watercooler by DPOrganizer Logo Watercooler by DPOrganizer Logo

Watercooler by DPOrganizer Navigation

Search
Ask A Question

Mobile menu

Close
Ask a Question
  • Home
  • Categories
    • GDPR
    • Privacy Management
    • Professional Development
    • Software tips and tricks
    • Polls
  • Help
  • About Watercooler
Home/ Questions/Q 4513
Next
In Process
Anonymous
  • 0
Asked: March 11, 20212021-03-11T10:26:45+01:00 2021-03-11T10:26:45+01:00In: GDPR

Client wanting to solicit to our contact database

  • 0

I have a strange one, about which I am ambivalent. It’s strange mostly because it is unusual to me.

We curate a large database providing information about what is happening within a certain industry.

“Company X is doing activity Y with other company Z” sort of thing.
For each item, where possible, we list B2B contact details.

One of our clients wants to market to a few hundred of those B2B contacts. Our legal basis for processing is legitimate interest, using opt out.

They want our OK. thoughts?

  • 3 3 Answers
  • 0 Followers
  • 0
Answer
Share
  • Facebook

    3 Answers

    • Voted
    • Oldest
    • Recent
    1. HellenB

      HellenB

      • 2 Questions
      • 83 Answers
      • 0 Best Answers
      • 79 Points
      View Profile
      HellenB Silver contributor
      2021-03-11T18:55:28+01:00Added an answer on March 11, 2021 at 6:55 pm

      You, as a controller would be sailing very close to the wind with regards to being a third party seller of data and would need to be mindful of your obligations in this regard.
      As you collected the data for your own purposes you will have described the purposes for processing in your privacy notice. This would not have included research for the purposes of selling the data for a profit.
      I would suggest that you have a careful look at
      https://dma.org.uk/article/an-open-letter-to-data-brokers
      If this doesn’t form a key commercial imperative for your business I would strongly suggest that you consider if the legislative lift is worth it.

      • 2
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn
    2. PhilM

      PhilM

      • United Kingdom (UK)
      • 1 Question
      • 7 Answers
      • 0 Best Answers
      • 6 Points
      View Profile
      PhilM Rising star contributor
      2021-03-11T11:13:44+01:00Added an answer on March 11, 2021 at 11:13 am

      Hi, you would be able to provide this information as a controller to controller data share against their legitimate interest. However, they would need to consider careful what they do with that information. If they wanted to market to them by email, that would contravene PECR as they don’t have consent. If they believed they had a legitimate interest to contact them, they would need to be mindful of their obligations under GDPR Art. 14 (Information to be provided where personal data have not been obtained from the data subject). Cheers, Phil.

      • 1
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn
    3. Chris Roberts

      Chris Roberts

      • 0 Questions
      • 44 Answers
      • 0 Best Answers
      • 44 Points
      View Profile
      Chris Roberts Silver contributor
      2021-03-12T11:59:08+01:00Added an answer on March 12, 2021 at 11:59 am

      I would follow Hellen’s advice.

      • 0
      • Reply
      • Share
        Share
        • Share on Facebook
        • Share on Twitter
        • Share on LinkedIn

    Leave an answer
    Cancel reply

    You must login to add an answer.

    What is 8 + 4?

    Forgot Password?

    Sidebar

    Ask A Question

    Trending contributors

    Smurf333

    Smurf333

    • 12 Answers
    Bronze contributor
    Dave_Wylie

    Dave_Wylie

    • 28 Answers
    Bronze contributor
    CRodica

    CRodica

    • 6 Answers
    Rising star contributor
    Andrea

    Andrea

    • 15 Answers
    Bronze contributor
    Atis

    Atis

    • 4 Answers

    Recent questions

    • Ian G

      Revoke.com - new third party portal for customer right requests

      • 0 Answers
    • Anonymous

      Instagram!!

      • 0 Answers
    • Olga

      DPO in EU and UK

      • 2 Answers
    • Smurf333

      DBS scenario with HR retaining excessive information for longer than ...

      • 2 Answers
    • CRodica

      Parties role towards employees data for administrative purposes

      • 0 Answers

    Explore

    • Home
    • Categories
      • GDPR
      • Privacy Management
      • Professional Development
      • Software tips and tricks
      • Polls
    • Help
    • About Watercooler

    Footer

    Your privacy

    • Cookie notice
    • Privacy notice

    Terms and policy

    • Acceptable Use Policy
    • Terms of Use

    © 2021 DPOrganizer. All Rights Reserved. With Love by DPOrganizer.