GDPR compliance

GDPR is the replacement for the Data Protection Act that came into force in May 2018 operates within the terms of the General Data Protection Regulation (GDPR). If you buy data from MediumAxis and use it within the constraints of our Terms and Conditions, the data mostly complies with GDPR. However, you have to ask our manager for confirmation about every mailing list.

Much of our data is gathered from public sources such as company reports, press releases, trade magazines, business news websites, company websites and social media. We focus on large companies and the key decision makers within those companies.

We supplement information from public sources with telephone research, checking all data every six months with the relevant company.

The key requirements of the General Data Protection Regulation are that data is used responsibly, is up-to-date (although no time frame as to what up-to-date is specified) and that the data subject (person listed) has been informed that they are on the mailing list and that the data subject has not asked to be removed from that list.

Every data subject on MediumAxis Marketing’s mailing lists has been sent an email to inform them that they are on our mailing lists and that they may be contacted by potential suppliers who wish to work with them or their department.

If a person asks to be removed from our marketing database, their name is immediately removed and systems are in place to ensure that their name is not added at a later date. All of our emails have an unsubscribe and profile management links.

As a user of Electric Marketing business lists, the General Data Protection Regulation requires you to:

  1. Only send mail that relates to business matters.
  2. If you are using bought-in lists and are sending an email to a named person, you must do so on the basis of Legitimate Interests and your company must have conducted a Legitimate Interests Assessment. Your email must contain a link to your privacy policy and also your Legitimate Interests Assessment.
  3. Make sure you have a return address on your messages (so that the Mail system can return any letters that are incorrectly addressed). You can return these ‘gone aways’ to us, so that we can update our records too.
  4. You must ensure there is an option for the addressee to remove himself or herself from the list.
  5. If you are using email addresses your email must contain a mechanism whereby the person can opt out of receiving any further e-marketing communications from you. All it requires is a line at the bottom of the email saying ‘if you don’t wish to hear from us again, please reply with the word ‘unsubscribe’ in the subject line’. This is a central part of the Privacy & Electronic Communications (EC Directive) Regulations 2003.

We recommend that you do not use the data for more than six months without either checking it yourself or buying an updated version of the list from Electric Marketing. 

GDPR obliges you to keep your mailing lists up-to-date.

MediumAxis Marketing offers to email you quarterly updates of data bought from us for 10% of the original purchase price.

If we find that data users are not complying with the the General Data Protection Regulation or are using our data unlawfully, we reserve the right to blacklist the offending organization and report them to the Information Commissioner.

GDPR exists to protect people from the unscrupulous companies who take no care over the compilation and updating of their data. Legitimate users of well researched and maintained lists have nothing to fear from this law.