Much of this will depend on what you mean by ‘cold contacting’. Whether you mean you are randomly marketing to citizens/member of the public (who have no expectation of the potential approach) or (say) attendees at an event (who may reasonably expect to be approached by organisations connected to or present at the event). There are no relevant exemptions within the GDPR, but CONSENT will be required when using a list acquired from a 3rd part (eg event organiser)
DP-Pro
Much of this will depend on what you mean by ‘cold contacting’. Whether you mean you are randomly marketing to citizens/member of the public (who have no expectation of the potential approach) or (say) attendees at an event (who may reasonably expect to be approached by organisations connected to or present at the event). There are no relevant exemptions within the GDPR, but CONSENT will be required when using a list acquired from a 3rd part (eg event organiser)
Dave_Wylie
I would strongly suggest reading this:
https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/exemptions/