Unless you’ve had your head in the sand, you will no doubt know by now that the Data Protection Act – which hasn’t been updated since 1998 – will be replaced on 25 May 2018 by the General Data Protection Regulations, or GDPR. This is a unified set of data protection rules that will be enforceable across the EU. In a nutshell, you will need to ensure that you have a valid opt-in from an individual before you can contact them for marketing purposes – but also that you are able to prove how and when you obtained the opt-in.
You may also have heard about various large companies such as Wetherspoons deleting their entire marketing list and starting from scratch – but you don’t need to go this far. Listed below is a goldmine of GDPR resources to help you navigate this process. A caveat – I am not a lawyer and anything I have written in this post should not be treated as gospel; I would advise that you seek the advice of a qualified GDPR consultant if you have any doubts about the process or the validity of your data.