Using consumers’ data for marketing – Consent and legitimate interest

Sep 24th '20

If you haven’t received consent from a consumer, you don’t have a valid ‘legitimate interest’ for using their data and you don’t have another legal basis to rely on, you’re likely to breach the rules in Section 10 of the Committee of Advertising Practice (CAP) Code if you send them a marketing communication.


This guidance explains the rules and how to make sure you don’t break them.


  • Consent or legitimate interest?

When collecting and using consumers’ data for marketing, the most common legal basis is either ‘consent’ or ‘legitimate interest’.  Other narrow grounds for processing or limited exemptions set out in the regulations (General Data Protection Regulation (GDPR)) may be available to marketers, but if you want to rely on them you would need to be able to readily explain to the Advertising Standards Authority (ASA) how they are applicable.  Since these rules are based on legislation, you could also face enforcement action from the Information Commissioner’s Office (ICO) if you break them.


  • What counts as consent?

There are several criteria that need to be met if you’re using people’s data on the basis of consent (these are outlined in the‘Definitions’ in Section 10);


  • First, the consent needs to have been freely given.  If you offer something (e.g. a prize, or entry into a promotion) in exchange for consent, or if consumers are prevented from accessing a product or opportunity unless they give their consent, the ASA is unlikely to accept that it was ‘freely given.
  • Consent also needs to be specific, informed and unambiguous.  If consent to receive advertising messages is bundled in with other T&Cs, or is explained in a vague way, it’s unlikely to count as genuine consent.  So it needs to be separated and clearly explained.
  • Finally, consent needs to be given through a clear affirmative action.  This means that you should give consumers a means of giving consent through a positive action such as clicking a ‘tick box’.  As explained above, this ‘tick box’ (or equivalent) should relate specifically to consent to receive marketing communications, rather than this being bundled in with other T&Cs.  If consent isn’t given through an active gesture (e.g. if the ‘tick box’ is pre-ticked, so that consumers would have to actively un-tick it to withdraw their consent), this is unlikely to comply with the rules in Section 10.


When processing the data of under-13s for marketing purposes, marketers are likely to need the consent of a parent or guardian, and should hold some form of evidence to verify that they’ve received it (Code rule 10.15).


  • When can you use your ‘legitimate interest’?

If you’re intending to use the data to send messages by “electronic mail”, you can’t rely on legitimate interest – you need consent or to have obtained the contact details from a previous sale and be marketing a similar product.  ‘Electronic mail’ doesn’t just mean e-mail. It could be any type of text, voice, sound or image message sent over electronic media.  If you’re unsure whether your marketing message counts as electronic mail, we advise consulting this guidance from the ICO or seeking legal advice.


If the ads won’t be sent through “electronic mail”, data can also be processed if the marketer has a ‘legitimate interest’ in doing so.  Advertisers should seek legal advice to make sure their data-processing is based on a valid ‘legitimate interest’ (Code rule 10.2.3).  If it is, it’s important to remember that ‘legitimate interests’ don’t override consumers’ right to privacy, and they need to be given the opportunity to object to their data being used (10.5).  They should be informed of their right to do so when they are first contacted, and this should be stated clearly and separately from any other material in the message (10.13).


For further guidance on this topic, marketers are encouraged to contact the ICO for advice.


Source: CAP


How can we help!

LS Consultancy are experts in Marketing and Compliance, and work with a range of firms to assist with improving their documents, processes and systems to mitigate any risk.


We provide a cost-effective and timely bespoke copy advice and copy development services to make sure all your advertising and campaigns are compliant, clear and suitable for their purpose.


Our range of innovative solutions can be tailored to suit your unique requirements, no matter whether you’re currently working from home, or are continuing to go into the office. Our services can be deployed individually or combined to form a broader solution to release your energies and focus on your clients.


Contact us today for a chat or send us an email to find out how we can support you in meeting your current and future challenges with confidence.


Explore our full range today.


Contact us



Why Not Download our FREE Brochures! Click here.


Call Us Today on 020 8087 2377 or send us an email.


We welcome individual bloggers / Professional Writers / Freelancers to submit high quality contents. Find out more…


You can see our Google reviews here.


Contact us