Lesson 3 – Rosemary Smith, Director of Data Protection consultancy, Opt-4 provides some advice about data collection on Business to Business websites.
B2B websites offer multiple opportunities to collect data for future use and there is a huge temptation to gather information – especially email data – in order to maintain ongoing relationships with site visitors. But many sites serve up inadequate permission statements and “boilerplate” privacy policies which encourage opt-out.
Most B2B collection falls outside the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR). However, some website owners have taken the view that because of the growing sensitivity of internet users to privacy issues, opt-in is the only satisfactory way of achieving permission; they are also keen to reassure registrants that their data will never be disclosed or used by third parties. Others believe that there is no reason why the current UK regime which principally operates on an opt-out basis should not be applied online.
Viral marketing promotions are increasingly being used by B2B website owners to acquire colleague prospect names. There are data protection issues with this form of promotion as the individual is not present at the point of collection and cannot, therefore, give the necessary permissions for future marketing.
Links to other affilated sites are also now common. B2B sites should should include disclaimers in privacy policies to indicate that data surrendered post-link will be subject to different privacy policies.
Badly written data collection screens and misleading privacy policies can really cost companies money. Getting someone to visit your website and then failing to engage them enough to give you permission is a huge waste of effort and money!