General Data Protection Regulation
Posted: Sun May 25, 2025 5:01 am
Calling Time Restrictions: Limits telemarketing calls to specific hours (e.g., typically 8 a.m. to 9 p.m. local time of the recipient).
Identification Requirements: Mandates that telemarketers provide their name, the name of the person or entity on whose behalf the call is being made, and a telephone number or address at which that person or entity may be contacted.
Record Keeping: Requires maintaining records of consent and compliance.
Heavy Penalties for Violations: Significant fines per violation.
(GDPR) - European Union/European Economic Area:
Lawful Basis for Processing: Requires a valid lawful basis (e.g., consent, legitimate interest, contract) for processing personal data, including phone numbers for outbound calling. If relying on legitimate interest, a Legitimate Interest Assessment (LIA) is necessary to balance business interests against the individual's rights and freedoms.
Consent: If consent is the chosen lawful basis, it must be freely given, specific, informed, and unambiguous. Opt-in consent is required; pre-ticked boxes are not valid. It must be as easy to withdraw uk phone number list consent as to give it.
Data Subject Rights: Individuals have rights to access, rectify, erase ("right to be forgotten"), restrict processing, and object to the processing of their personal data.
Transparency: Individuals must be informed about how their data is being processed (usually via a privacy notice).
Data Minimization and Purpose Limitation: Collect only necessary data for a specific, explicit, and legitimate purpose.
Cross-Border Data Transfers: Strict rules apply to transferring personal data outside the EEA.
Significant Fines for Non-Compliance: Up to 4% of global annual turnover or €20 million, whichever is greater.
Privacy and Electronic Communications Regulations (PECR) - United Kingdom:
Identification Requirements: Mandates that telemarketers provide their name, the name of the person or entity on whose behalf the call is being made, and a telephone number or address at which that person or entity may be contacted.
Record Keeping: Requires maintaining records of consent and compliance.
Heavy Penalties for Violations: Significant fines per violation.
(GDPR) - European Union/European Economic Area:
Lawful Basis for Processing: Requires a valid lawful basis (e.g., consent, legitimate interest, contract) for processing personal data, including phone numbers for outbound calling. If relying on legitimate interest, a Legitimate Interest Assessment (LIA) is necessary to balance business interests against the individual's rights and freedoms.
Consent: If consent is the chosen lawful basis, it must be freely given, specific, informed, and unambiguous. Opt-in consent is required; pre-ticked boxes are not valid. It must be as easy to withdraw uk phone number list consent as to give it.
Data Subject Rights: Individuals have rights to access, rectify, erase ("right to be forgotten"), restrict processing, and object to the processing of their personal data.
Transparency: Individuals must be informed about how their data is being processed (usually via a privacy notice).
Data Minimization and Purpose Limitation: Collect only necessary data for a specific, explicit, and legitimate purpose.
Cross-Border Data Transfers: Strict rules apply to transferring personal data outside the EEA.
Significant Fines for Non-Compliance: Up to 4% of global annual turnover or €20 million, whichever is greater.
Privacy and Electronic Communications Regulations (PECR) - United Kingdom: