Use the Lexology Navigator tool to compare the answers in this article with those from other jurisdictions.
Electronic marketing and internet use
Are there rules specifically governing unsolicited electronic marketing (spam)?
There is a comprehensive set of rules governing direct marketing, resulting from the combined application of both the Personal Data Protection Code and the Data Protection Authority’s Guidelines on Marketing and Against Spam of July 4 2013.
As a rule, data controllers may contact users for direct marketing purposes with the prior consent of the user. This rule applies to communications performed by means of automated calling or communications systems without human intervention or by email, fax or text message. Consent needs to be given only once to enable marketing activities using different means of communication, provided that the data subject can opt out at any time from one or more of the means of communication used by the data controller.
Further, when the personal data is drawn from publicly available papers or electronic directories, data controllers may contact users only by telephone or mail, provided that users have not exercised their right to object (opt-out mechanism).
Finally, where a data controller uses, for direct marketing of its own products or services, electronic contact details for emails supplied by a data subject in the context of the sale of a product or service, it need not request the data subject’s consent, provided that the services are similar to those that were the subject of the sale and the data subject, after being adequately informed, does not object to the use either initially or in connection with subsequent communications.
As of May 25 2018, where personal data is processed for direct marketing purposes the data subject must have the right to object at any time to processing of his or her personal data for such marketing, including profiling to the extent that it is related to direct marketing.
So-called ‘technical cookies’ are exempt from this requirement. Technical cookies are used only to transmit a communication over an electronic communications network or in order for a service provider to deliver a service that has been explicitly requested by the subscriber or user. Under the Data Protection Code, technical cookies may be used without the user’s consent, provided that the user is informed as required.
Click here to view the full article.