Business Legal Services
We offer a wide range of legal services for businesses of all sizes, with pricing plans designed for start-up, small and venture-backed businesses and medium to large businesses.
Find out more
Banking & Finance Law
Business Disputes
Business Immigration Law
We advise businesses, entrepreneurs, investors and educational establishments on all aspects of UK immigration law, from recruiting overseas staff to ensuring ongoing compliance obligations are being met with the UK Visas and Immigration (UKVI).
Find out more
Commercial Law
Commercial Property Law
Construction Law
Corporate Law
Data Protection & Privacy Law
Employee Share Schemes
Employment Law
Financial Services Regulation
Funding & Investment
Insolvency & Corporate Recovery
Intellectual Property
IT & Commercial Technology Law
Business Life Cycle
Our Business Life Cycle is designed to guide you through the different situations you’re likely to encounter on your business journey.
Overview 
Sectors
Our senior solicitors have built up a wealth of specialist sector knowledge throughout their careers. We appreciate that one size never fits all, which is why we leverage our team's sector knowledge through a multi-disciplinary approach to providing you with tailored and relevant advice. Our sector focused interest and experience enables us to provide up-to-the-minute advice and help you to anticipate the legal impact of potential future changes on your business.
Find out more
Creative Industries
Our creative sector solicitors keep abreast of the latest cases, legislative changes, and industry developments, to ensure our clients receive smart, pragmatic, insightful, and tailored legal services. We provide expert legal advice and representation in relation to all creative endeavours, including clients in advertising and marketing, television, theatre, music, art, publishing, architecture, technology, and all spheres of design.
Find out more
Energy, Utilities & Environment
Our energy, utilities and environment solicitors are expert legal advisers to the industry, including individual and institutional investors and funders, technical advisors, developers, entrepreneurs, utility firms, environmental and waste technology companies, landowners, aggregators, CICs, inventors and environmental scientists, contractors and suppliers and have vast experience in the sector.
Find out more
Life Sciences
Our multi-disciplinary life sciences legal team has specific sector experience, and our life sciences lawyers cover a range of areas such as risk assessment and management, manufacturing and supply chain issues, compliance review and advice including product liability, intellectual property issues and the development of IP strategies, data protection and GDPR advice, licensing and contractual issues, financial advice and mergers and acquisitions, as well as disputes and litigation management.
Find out more
Manufacturing & Engineering
Our manufacturing and engineering lawyers have an in-depth understanding of these sectors and the needs of businesses. We understand the vast and vital contribution manufacturing and engineering businesses make towards the British economy. Our solicitors partner with clients within these sectors to ensure their interests are protected and their commercial ambitions are achieved.
Find out more
Public Sector
Whether you’re situated directly within the public sector or you’re a commercial partner, our public sector solicitors can help you with all areas of business law you’re likely to need advice on, from banking and finance, commercial tenders and contracts, dispute resolution, real estate, intellectual property, data protection, employment law and much more.
Find out more
Retail & Luxury Brands
Whatever your business within the retail sector, our retail lawyers understand this challenging market and work across a range of areas including e-commerce, corporate and commercial, commercial property, dispute resolution and employment law to help advise and provide solutions for your business.
Find out more
Sports
Our sports law solicitors have expertise in the latest sports law and they also understand the industry; including its structures, regulations, challenges, pressures, trends, and developments. We offer legal advice and representation to national governing bodies, international federations, sports clubs, and athletes in any sport, whether amateur or professional.
Find out more
Start-ups
Our team of experienced senior solicitors are business and finance law specialists, with a proven track record in supporting start-ups - they have the legal skills and experience to help founders who want to get things right from day one. We act for start-up companies, entrepreneurs, founders, boards and individual directors of early-stage companies, financial institutions, and investors considering investment under the EIS and SEIS schemes.
Find out more
Technology
Our expert technology solicitors advise both specialist technology companies as well as their partners, customers, and users. We understand the commercial issues involved in tech depend on the services and products involved, which is why we endeavour to understand your niche and its implications. Whether you are a crowdfunded start-up or a large multi-national, our dedicated team of technology specialists are adept at acting for you wherever and whenever technology defines or intersects your organisation.
Find out more
Our Pricing & Service Plans
Our Pricing & Service Plans
Our unique subscription plans coupled with our remote operating model allow us to deliver expert legal advice, from partner level lawyers, at a fraction of the cost compared with traditional law firms. Our Enterprise and On-Demand plans help you spread the cost of advice and access discounted rates, providing flexibility, peace of mind and plans that can scale with your business.
Find out more
The City Plan
Our City service provides you flexible access to our experienced lawyers, with no fixed monthly cost and low hourly rates, from £290 per hour. Whatever legal assistance you need, we can help you and the cost of using our experienced lawyers will provide a significant saving compared to those associated with traditional law firms.
See Our Pricing Plans
The Enterprise Plan
Our Enterprise subscription package is specifically designed for start-ups and smaller sized businesses. With a £215 monthly subscription fee and additional legal support from senior solicitors at £145 per hour, it includes 1-hour of free legal support per month which rolls over if unused.
See Our Pricing Plans
The On-Demand Plan
Our On-Demand plan is a smarter way for high-growth and established businesses to get legal advice. A fully account managed quarterly subscription service which provides you with priority access to experienced partner-level solicitors, recruited from top 100 UK law firms, whenever you need them, at an affordable and flexible budget set by you.
See Our Pricing Plans
Fixed Fee Products
Solve common issues with our suite of fixed fee products, giving you clarity on costs and deliverables.
See Our Pricing Plans
About Us
Harper James is a new breed of commercial law firm – a national law firm designed exclusively to champion ambitious and entrepreneurial businesses, enabling them to access expert legal advice at an affordable cost when they need it most. We work with start-ups through to established businesses that have been running for years or looking to scale, futurecorns and unicorns as well as those ready to sell and often build their next business.
Find out more
Careers
Work with like-minded individuals and free from the bureaucracy of traditional law firms in a truly flexible workplace. We offer career opportunities for solicitors and business support professionals that meet your needs and evolve as you evolve.
Find out more
Meet Our Team
Meet the people of Harper James.
Find out more
Press & Media
Our solicitors are well-positioned to provide commentary on all manner of commercial legal issue and regularly contribute to both national, sector and industry press.
Find out more
What Our Clients Say
A selection of our client testimonials.
Find out more
Join our team
Work with like-minded individuals and free from the bureaucracy of traditional law firms in a truly flexible workplace. We offer career opportunities for solicitors and business support professionals that meet your needs and evolve as you evolve.
See Our Open Positions 
News & Insights
The latest news and insights from Harper James including our 'Meet the client' interview series, case studies, legal updates, events and webinars, podcasts, videos and spotlights on our solicitors.
Find out more
Company News
The latest Harper James news.
Find out more
Client Stories
Examples of some of the exciting work and waves our clients are making as well as in-depth client interviews and stories.
Find out more
Events & Webinars
Providing practical insights and Q&A opportunities based on common legal challenges.
Find out more
Podcasts & Videos
Watch and listen to our latest podcasts and videos featuring client and Harper James interviews and stories.
Find out more
Thoughts & Opinions
Our views and perspectives on some of the latest developments.
Find out more
Knowledge Hub for Growth
Our free resource designed to help your business overcome challenges and realise its potential. Written by lawyers and business experts, these resources will help you decipher legal terminology and tackle key milestones from securing funding and growing your team, to protecting your ideas and expanding to new markets.
Find out more
Subscribe to Our Newsletter
Receive the latest legal insights, practical guides, client stories and other news.
Subscribe Now 
Contact Us
Please leave us your details and we’ll contact you to discuss your situation and legal requirements. There’s no charge for your consultation, and no obligation to instruct us. We aim to respond to all messages received within 24 hours.
Find out more
Make An Enquiry
Get in Touch
Request A Call Back
Get in Touch
Offices
Get in Touch
Offices
We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.
Overview 
Knowledge Hub
Data Protection
All Knowledge HubBusiness DisputesBusiness GrowthBusiness ImmigrationBusiness PlanningCommercial LawCommercial PropertyCorporate LawData ProtectionEmployee Share Schemes and Equity IncentivesEmployment LawFinance & Investment LawFinancial Services RegulationInsolvency & Corporate RecoveryIntellectual PropertyInternational Trade and BrexitRecession Busting
B2B Marketing And GDPR: The Basics
Make an enquiry

Knowledge Hub
for Growth

B2B marketing, UK GDPR and PECR: The Basics

Article
Article
12 mins read
Updated on 8 September 2023
Becky White
Our subject expert
Becky White
Senior Data Protection & Privacy Solicitor

Marketing is a key way to grow a business, but legal rules apply to it.

There is often a lot of confusion around business-to-business (B2B) marketing and how the UK GDPR data protection law rules apply to it. Alongside UK GDPR, there are also other legal rules which apply to direct marketing activities.

In this guide to the way UK GDPR and PECR impact your B2B marketing campaigns, we will look at the relevant rules and examine some of the issues our small and medium-sized business clients regularly encounter. This is a complex area of law which a lot of businesses get wrong. If you have any specific enquiries or requests, contact one of our data protection lawyers today.

How does GDPR apply to B2B marketing?

The UK GDPR and the Data Protection Act 2018 protect the personal data of individuals. If, during your B2B marketing, you can identify individuals (directly or indirectly) then generally the UK GDPR rules apply. You’ll therefore need to ensure your marketing activities are UK GDPR compliant.

You may wonder why these rules impact business marketing. Purely corporate information about commercial entities, (such as the names of limited company) are not covered by the UK GDPR. However, this does not mean you can ignore data protection principles altogether when engaged in activities such as B2B marketing. If you are using any personal data of individuals for marketing purposes (e.g. joe.bloggs@123Ltd.com), then the UK GDPR rules will apply to your activities. Names, addresses or other personal information about employees or directors of a company are classed as personal data. Therefore, you’ll need to make sure you are acting in accordance with the UK GDPR rules when targeting businesses. This also means the UK GDPR sanctions will be available to the regulator if you breach the rules.

For information on what personal data means, see our what constitutes personal data.

When processing personal data for B2B marketing purposes you still need to:

  • Make sure your processing of personal data is lawful, fair and transparent. You will need to consider how to inform individuals about how their personal data is used for marketing purposes. For example, you will need to set out your direct marketing activities in your Privacy Policy.
  • Comply with the UK GDPR rules, such as the right for individuals to object to their data being used for marketing.

You should note that businesses can object to receiving marketing from you.

For example:

  • You should not make marketing calls to businesses who have objected to this.
  • You cannot use an individual’s personal data for marketing purposes if they have specifically objected to this. This also applies in the context of business.

It is important to understand these restrictions when engaging in B2B marketing campaigns.

See our guide for further information on compliance with the UK GDPR.

What is PECR and how does it apply to B2B Marketing?

The Privacy and Electronic Communications Regulations (PECR) limit the way businesses can use emails, texts and phone calls in their B2B marketing efforts. You also need to comply with the PECR rules when carrying out B2B marketing. PECR sits alongside UK GDPR, to bolster the regulation of unsolicited direct marketing by phone, email, text, or other electronic means.

Whilst UK GDPR is about protecting the rights and freedoms of data subjects, PECR is about protecting the recipients of electronic communications.

The Data Protection Act 2018 specifies that direct marketing is ‘the communication of advertising or marketing material which is directed to a particular individual’. In practice, the ICO notes that direct marketing includes a variety of activities such as:

  • Promoting aims and ideals.
  • Advertising products or services.
  • Fundraising and campaigning.

When a business carries out direct marketing, the PECR rules apply and need to be complied with. The rules are less strict when you are targeting a company rather than an individual. You should also be aware that partnership and sole trader businesses are treated as individuals for the purposes of direct marketing.

Under both PECR and UK GDPR, different forms of marketing attract different rules. For example, this means when sending unsolicited emails to a corporate subscriber (e.g. a company) you don’t need consent (but you would need consent if sending such an email to an individual). Instead, identifying yourself and providing contact details within the email is sufficient for compliance purposes.

Identifying a lawful ground for processing personal data

If your B2B marketing communications are caught by UK GDPR and PECR (that is, you are processing personal data during your marketing activities) then you need to establish a lawful basis for processing the information.

There are six lawful bases for processing and it is up to you to decide which basis is most appropriate.

The UK ICO states that the most commonly lawful bases for direct marketing are consent and legitimate interests.

How do you obtain appropriate consent for B2B marketing?

When processing any data under UK GDPR or PECR, including personal data used for B2B marketing (if required) you must obtain consent that’s freely given, specific and informed. So before sending texts or making marketing calls you must ensure you have obtained valid consent (if needed for those marketing activities).

You must record what an individual has consented to and be able to demonstrate (if requested by the ICO) how you obtained consent. If you engage in marketing without obtaining proper consent you may face regulatory scrutiny and punitive fines so it’s important to have the right procedures in place to ensure compliance.

You should check the relevant ICO guidance to determine when consent should be used for B2B marketing purposes.

For example, consent should be used to carry out the following types of marketing activities:

  • Sending marketing emails to sole traders and certain types of partnerships, where the ‘soft-opt in’ exemption doesn’t apply. 
  • Making automated marketing calls.

When can you rely on ‘legitimate interest’?

A lot of B2B marketing can be justified under the legitimate interest basis for processing personal data.

You will need to establish:

  • A specific interest for the processing.
  • The processing of the data is necessary to achieve this purpose.
  • On balance the processing doesn’t outweigh the interests of the individual.

The legitimate interest ground for processing data is often preferred because it is flexible and gives you greater control over your processing. That said, there is a considerable amount of work involved in identifying a legitimate interest, demonstrating the necessity of the processing, and then subjectively undertaking a balancing exercise to ensure the interest isn’t undermined by the rights of the individual.

You will need to carefully consider if legitimate interest is the correct lawful basis. For example, you may argue that legitimate interests would apply to marketing to existing B2B customers – because those customers would reasonably expect to be contacted by you for marketing purposes.

What do you need to know about marketing calls?

Protecting consumers is at the heart of the UK GDPR/PECR data protection regime. The ‘cold-calling’ of potential customers and scam calling has long been a concern of regulators. UK GDPR and PECR in large part are aimed at addressing issues like this.

The two main things to bear in mind about B2B marketing calls are as follows:

  • If a company has explicitly agreed to receive calls from you, through an opt-in box on your website for example, you can contact them for marketing purposes.
  • Businesses can register with telephone preference services to indicate they do not wish to receive unsolicited marketing calls. By checking these registers to ensure the business you wish to call has not registered with them, you may call them without breaching the data protection rules.

You also need to remember to comply with the rules under UK GDPR. Make sure you consider and document your lawful basis for processing personal data when making telephone marketing calls.

Businesses should take note that the ICO regularly intervenes in relation to marketing calls made in contravention of the rules, imposing significant financial penalties on organisations found to have breached the rules.

What do you need to know about marketing emails?

Email is one of the most common marketing tools.

There is no bar on emailing or texting a company, but from a reputational point of view it’s always good practice to carefully monitor any email campaign you embark on. Many of our clients maintain an up-to-date register of companies that have objected to being contacted in the past to ensure they aren’t contacted by email or text in future.

However, email marketing rules are extremely complicated and can be difficult to navigate. This is partly because different rules apply, depending on who you are emailing. Under the PECR rules, sole traders and simple partnerships are classed as individuals under the rules. Therefore, you will need consent to email them unless they have purchased something from you before or used your services and didn’t opt out of receiving marketing messages (known as ‘the soft-opt in’).

However, you can email corporate subscribers without obtaining their consent. The rules in PECR do not apply to electronic marketing to corporate subscribers, i.e. companies and LLPs, Scottish partnerships, and government bodies. However, you need to ensure that the individual receiving the email at the corporate organisation has the right to unsubscribe from email marketing.

In practice, it can be difficult for businesses to keep on top of the rules and who they need from consent from. Read our guide to email marketing compliance for more information on obtaining consent for email communications. Remember that when you are relying on consent to carry out direct marketing, consent should not ‘last forever’. How long consent remains valid depends on the circumstances, such as the context in which consent was given and the expectations of the individual who gave consent.

You should always remember to document your lawful basis for sending B2B emails, e.g. record if you are relying on legitimate interests to do so and carry out a legitimate interests assessment.

When you are sending marketing emails, the ICO’s guidance states that you must ensure you:

  • Don’t disguise or hide your identify.
  • Give a valid contact address for people and businesses to opt-out or unsubscribe.

This applies whether or not the marketing emails have been requested.

Can we use publicly available data to send business-to-business marketing?

The ICO notes that personal data could be sourced online from public sources such as Companies House, a business website or social media. The ICO has made clear in its guidance that PECR rules need to be followed when you are using information from public sources to:

  • Make marketing calls.
  • Send marketing emails including social media messages.
  • Sending marketing faxes.

Despite personal data being in the public domain, you still need to comply with data protection laws when using it. It is important to keep this in mind throughout your marketing campaigns and ensure that you are always acting in compliance with the applicable legal rules.

What about buying and selling marketing lists?

Accurate mailing lists are a hugely valuable tool for B2B marketing: their uses include providing a way to track a customer’s use of your products and services and testing out new commercial offerings. But with the backdrop of UK GDPR and PECR you must ensure that you use the personal data on marketing lists in a way that fully complies with data protection rules.

You should consider the following:

  • Buying marketing lists: You can legitimately use information contained in marketing lists you acquire from a third party. But before calling companies on the list, you should ensure you follow the rules about checking call-screening registers and, where contacting a sole trader or partnership, ensure that they have given specific consent to marketing calls. In relation to emailing contacts on a bought-in list you must check that organisations have agreed to receive the type of message you intend to send. A blanket agreement to receive texts or emails from third parties will not normally be sufficient to meet UK GDPR requirements.
  • Selling your mailing lists: It’s possible to sell marketing lists you have compiled internally. However, the details you sell will only be of use to third parties if the organisations listed have given specific consent to receive the type of message the purchaser of your list intends to send. As seller of the list, UK GDPR requires you to keep detailed records of how you obtained consent and the purpose for which that consent was given.

What if we fail to comply with the UK GDPR and PECR?

The UK ICO can apply various penalties for non-compliance.

The rules around B2B marketing are complex, and the ICO takes breaches of the rules seriously, imposing fines regularly on many relatively small and medium-sized businesses. It’s essential therefore that you have systems in place to ensure compliance with UK GDPR and PECR and that there is regular staff awareness training.

Fines for breaching the UK GDPR can be up to £17.5 million or 4% of total worldwide annual turnover, whichever is the higher. Breaching PECR is also extremely serious, with fines of up to £500,000. PECR sanctions also include criminal prosecution, enforcement action and audit powers.

Senior management may be held directly responsible if the business is non-compliant. You may also find companies and consumers losing trust in how you look after their personal data. Supervisory authorities not only impose fines, but they also name and shame. People will not be willing to put their personal data at risk with a business that cannot prove to comply with data protection laws and instead move on to the next competitor that can show compliance.

What about the future?

When engaging in B2B marketing, you should be aware of possible changes in the pipeline. The EU is in the process of agreeing a new ‘ePrivacy Regulation’, which could change marketing law rules if the UK lawmakers decide to adhere to the rules. The new ePrivacy Regulation intends to change financial penalties for breaching its rules to the same level as prescribed by the EU GDPR. This means that businesses breaking the rules could be fined up to 4% of annual global turnover for the preceding financial year or 20 million euros, whichever is the greater, for the most serious breaches. As mentioned in our article, there are also potential changes in UK legislation. The proposed ‘Data Protection and Digital Information Bill’ could also amend UK data protection laws. This new law, if implemented, could change the rules around direct marketing. As such, it is important for businesses to watch this space and keep up to date with any changing rules around B2B marketing.

Conclusion

As you will note from this guide, there are several legal rules to comply with when engaging in B2B marketing.

Individuals are far more aware of their rights following the implementation of the UK GDPR. The ICO has regularly acted against companies who have breached the legal rules around direct marketing. Therefore, it is vital to make sure your B2B marketing campaigns are compliant. It doesn’t matter what the size of your company is, as even a few complaints from individuals could result in an investigation from the ICO. Further, for brand image purposes, you will not want your business to be seen as a nuisance by contacting individuals in breach of the legal rules.

UK GDPR compliance is an ongoing process and one that cannot be put in place immediately. However, our data protection solicitors are on hand and ready to assist in making this a swift and easy process.

Please contact us if you would like support with complying with the UK GDPR or PECR rules.

About our expert

Becky White

Becky White

Senior Data Protection & Privacy Solicitor
Becky is an experienced data protection and privacy lawyer who qualified in 2002. She supports clients with navigating data protection compliance and provides practical commercial advice related to privacy laws.  
View Profile 
Areas of Expertise
Commercial Contracts Data Breaches & Incident Management Data Governance Data Protection & Privacy Law Data Protection Health Check Data Protection Impact Assessments Data Protection Officer Support Services and 9 more...
Recent content
11 July
Creating an information security policy: business ... 
30 July
How does GDPR affect payroll?... 
31 October
Data protection in HR: The challenges for HR profe... 
28 September
Data Protection Impact Assessments (DPIA)... 
13 August
FAQs: data protection... 
11 July
Creating an information security policy: business ... 
30 July
How does GDPR affect payroll?... 
31 October
Data protection in HR: The challenges for HR profe... 
28 September
Data Protection Impact Assessments (DPIA)... 

What next?

Our data protection lawyers provide advice and training to key personnel on all data protection matters. If you are concerned about your marketing practices or need more advice on GDPR call us on 0800 689 1700, email us at enquiries@harperjames.co.uk, or fill out the short form below with your enquiry.

Your data will only be used by Harper James Solicitors. We will never sell your data and promise to keep it secure. You can find further information in our Privacy Policy.

Explore related resources

View All 
Updated 4 weeks ago
Data Protection
Data Protection
Transferring personal data out of the UK: the IDTA and UK addendum explained 
Article
Article
6 mins read
Updated 1 month ago
Data Protection
Data Protection
How can standards like ISO 27001 help businesses with GDPR compliance? 
Article
Article
4 mins read
Updated 1 month ago
Data Protection
Data Protection
Negotiating data processing agreements: key considerations 
Article
Article
14 mins read
Updated 3 months ago
Data Protection
Data Protection
Your guide to Data Sharing Agreements 
Article
Article
14 mins read
Updated 4 months ago
Data Protection
Data Protection
What is a Controller to Processor Agreement? 
Article
Article
12 mins read
Business Disputes
Business Growth
Business Immigration
Business Planning
Commercial Law
Commercial Property
Corporate Law
Data Protection
Employee Share Schemes and Equity Incentives
Employment Law
Finance & Investment Law
Financial Services Regulation
Insolvency & Corporate Recovery
Intellectual Property
International Trade and Brexit
Recession Busting
Our offices

A national law firm

A national law firm

Our commercial lawyers are based in or close to major cities across the UK, providing expert legal advice to clients both locally and nationally.

We mainly work remotely, so we can work with you wherever you are. But we can arrange face-to-face meeting at our offices or a location of your choosing.

Head Office

Birmingham 
Floor 5, Cavendish House, 39-41 Waterloo Street, Birmingham, B2 5PP
Regional Spaces

Cambridge 
Stirling House, Cambridge Innovation Park, Denny End Road, Waterbeach, Cambridge, CB25 9QE
Manchester 
13th Floor, Piccadilly Plaza, Manchester, M1 4BT
London 
10 Fitzroy Square, London, W1T 5HP
Oxford 
Harwell Innovation Centre, 173 Curie Avenue, Harwell, Oxfordshire, OX11 0QG
Sheffield 
1st Floor, Dearing House, 1 Young St, Sheffield, S1 4UP
Southampton 
White Building Studios, 1-4 Cumberland Place, Southampton, SO15 2NP
A national law firm

Like what you’re reading?

Get new articles delivered to your inbox

Join 8,153 entrepreneurs reading our latest news, guides and insights.

Subscribe

Search
View search results
View search results 

How can we help?

To access legal support from just £145 per hour arrange your no-obligation initial consultation to discuss your business requirements.

0800 689 1700

Make an enquiry

0800 689 1700

Watch for free

Webinar series: Legal essentials demystified

Unlock valuable insights for your business growth in our webinar series. Whether you’re an HR professional, business owner, or in-house counsel, our webinars explain essential topics and common challenges.

Register for upcoming events or watch previous recordings.

Explore our webinars