This statement sets out the operating procedures Ezee Prospects undertakes to ensure GDPR best practice is observed to the greatest extent possible, at all times.

What is GDPR?

The General Data Protection Regulation (GDPR) is a legal framework that sets guidelines for the collection, storage, and processing of personal information from individuals who live in the European Union (EU).

The Information Commissioner’s Office is the UK regulator dealing with the Data Protection Act 2018 and the General Data Protection Regulation and the Privacy and Electronic Communications (EC Directive) Regulations 2003 across the UK.

 It is imperative to approach GDPR compliance seriously, as the repercussions for non-compliance are substantial and deliberately punitive.

Ezee Prospects and GDPR compliance

Our experience and knowledge of GDPR

We work with third-party GDPR practitioners to ensure maximum compliance with GDPR and the Privacy and Electronic Communications Regulations (PECR), which relate to sending emails.

Ezee Prospects and you (‘the client’)

We are joint controllers of data. Even though we are working with you to grow your business, it is essential to recognise that we are both responsible for deciding:

• Who to target
• What data to collect
• How the data is processed
• What copy is sent
• How the data received will be collected, processed and stored

Find out more about joint controllers.

Our Marketing Activities and Compliance

Our services are specifically tailored to assist businesses in promoting their products and services exclusively to other businesses, a practice commonly referred to as B2B marketing.

We have crafted our operational processes to ensure full compliance with the General Data Protection Regulation (GDPR). This commitment to compliance is supported by a comprehensive technical and operational infrastructure.

Before initiating an email campaign on behalf of a client, we undertake a thorough assessment to ascertain whether the product or service aligns with the criteria for GDPR and Privacy and Electronic Communications Regulations (PECR) compliant B2B marketing.

A pivotal component of this assessment is the Legitimate Interest Assessment (LIA). Legitimate interest serves as the legal basis for data processing under GDPR. Should our evaluation reveal that your planned B2B prospecting does not meet the criteria for legitimate interest or if it contravenes any other regulatory aspects, regrettably, we would be unable to support your project.

Defining Legitimate Interest:

GDPR delineates permissible circumstances under which personally identifiable information can be processed, with one such circumstance being legitimate interest. To establish legitimate interest as a basis for processing, three fundamental criteria must be satisfied:

Identification of a legitimate interest: This can encompass your own interests or those of a third party. For instance, can your product or service assist another business in expanding its market share?

Demonstrating that processing is necessary: It necessitates proving that achieving the same outcome would be unfeasible through alternative means.

Balancing against individual rights, interests, and freedoms: We must weigh whether the individual receiving the email would reasonably anticipate their data being employed in such a manner.

Additional Insights on Legitimate Interests.

The Rights of Individuals

Each email dispatched by us includes a link to a privacy policy that delineates the recipient’s rights and details the data held about them.

All recipients have the option to opt-out, effectively preventing further email communications. We diligently log all opt-out requests and promptly add the concerned individuals to your campaign’s exclusion list within a 24-hour timeframe.

Furthermore, individuals retain the right to request access to all data held about them, a process known as a Subject Access Request (SAR).

Additionally, individuals possess the “Right to be Forgotten,” entitling them to request the removal of some or all of their data from our records.

Ezee Prospects takes data protection seriously. We follow GDPR and PECR rules, and it’s a big part of our business. We’re committed to keeping data safe and following the law.