top of page

What does GDPR mean?

The EU General Data Protection Regulation (GDPR) came into direct force in UK law on 25th May 2018. GDPR replaces the 1995 EU Data Protection Directive (European Directive 95/46/EC), strengthens the rights that EU individuals have over their data, and creates a uniform data protection law across Europe. Read in conjunction with the existing Privacy and Electronic Communications Regulations, which governs the use of telephone and electronic marketing channels, the GDPR provides a clear regulatory framework for processing marketing data.

Thinking Data has worked with advisory and regulatory bodies, and its data partners, to ensure that the data that we supply is compliant with the new legislation.

We've prepared a brief document which explains how we comply, which you may wish to use to demonstrate due diligence when you're buying data from us.

What are the rules on B2B marketing data?

Full guidance on how to comply with the new regulations can be found at the Information Commissioner's Office website. For the purposes of B2B marketing data which you've bought from third parties such as Thinking Data, the following rules apply:


Postal mailings continue to be an opt-out channel. You need to give recipients the opportunity to opt out of future mailings.Telemarketing communications are also an opt-out channel.


Telephone numbers must be screened against the Telephone Preference Service and Corporate Telephone Preference Service files prior to use, and subsequently every 28 days. All data supplied by Thinking Data Limited is screened immediately prior to supply.


Business-to-business email communications fall into two categories as follows:


  • Emails to the employees of corporate entities – limited companies, public limited companies, limited liability partnerships and government departments (including schools and hospitals) can be emailed without consent. Individuals must be given a clear and easy means of opting-out from future communications.

  • Emails to sole traders and traditional partnerships are treated in the same way as consumer data, and opt-in consent must be gained for these contacts.


Note that in the light of the final point above, Thinking Data Limited only provides emails for corporate bodies.

What about my own data?

If you're concerned about business data you already own, talk to us about our checking service which matches your data against our business file, in order to identify those businesses which it is still safe to contact, and those from whom consent should be sought.


Drop us an email to find out more, or send us a message through our contact page.

bottom of page