GDPR Compliant

Buying GDPR compliant data from Dissemify Ltd t/a Business Data List.

The General Data Protection Regulation came into effect on 25th May 2018.

GDPR particularly deals with the issues of using personal information within the digital economy. Simply put, informed consent of individuals must be obtained and clear rules for companies who seek to do business in the European Union.

What is Personal Information?

According to the Information Commissioner’s Office; personal dates information relating to a natural person who can be identified directly from the information in question

  1. If personal data is anonymised (e.g no identifiable information of the individual) then the anonymised data is not subject to GDPR.
  2. Information about companies or public authorities is not personal data.

Dissemify Ltd t/a Business Data List does not encourage the use of personal information without consent as directed by the GDPR.

When you purchase data from us we recommend you follow the guidelines set out by the General Data Protection Regulation and the Information Commissioner’s Office. When you purchase data you also acknowledge and accept our terms and conditions.

Our Recommendation

You must make sure when sending electronic mail that you include an option to “unsubscribe”. Give the end-user an opportunity to opt-out of any further communication from you.

Send emails that only relate to relevant business matters. Please refrain from sending emails of a personal matter.

Do not SPAM. This is the type of unwanted, unsolicited and unrelatable emails sent out in large quantities. In most cases bulk emails will be detected by the email server and flagged as junk mail, therefore, in your best interest please do not send high bulk emails.

We recommend sending emails from a business email address and not from your personal one. Also, include a link to your website where the end-user can view your company information.

In an event that we are informed of unscrupulous use of the data purchased from our database, we reserve the right to blacklist the offender from any future purchases.


GDPR Processing Marketing Data

What does the GDPR marketing consent mean?

GDPR consent rules only apply to marketers when handling personal data. Personal data is when an individual can be identified from the data you hold. For example, an email address with the individuals first name and surname is considered personal data.

GDPR requires you to receive permission first before sending marketing emails or phone calls to individuals. Permission or consent must be in recorded ‘written’ form. A popular method is to have the individual subscribe (via website) to receive emails or phone calls. 

You don’t need permission to send marketing emails to business email addresses. Any business email, even if the individual is identifiable from the email, can receive marketing emails as long as the sender uses ’legitimate interest’ content. 

However, you must be careful with sole-traders. They are considered as individuals by GDPR and marketers must receive permission first before sending emails.

Is the GDPR compliance applicable to US companies?

GDPR compliance applies to the data of European (EU/EEA) residents. Therefore, if your US company is processing EU residents data then you must comply with the rules of GDPR. Your US company can be liable if the data is not being processed correctly. 

Any company outside of the EU that processes EU residents data must comply with the rules of GDPR. This is in place to protect the data of individuals and sole-traders residing in the EU. Companies can be prosecuted if they receive enough complaints.

Where can I get GDPR compliant good quality B2B leads?

If you are looking to send cold marketing emails what you need are targeted lists. For best results use targeted lists to send quality targeted content. You can find high quality B2B targeted marketing lists at The list of business data is perfect for email marketing, telesales and direct marketing.

Can a company use GDPR ‘legitimate interests’ for processing all data?

A company processing data that can identify individual EU residents must comply with GDPR rules. The data processing company must receive consent before marketing to those individuals. ‘Legitimate interest’ only applies to B2B data being used to send marketing emails and telephone calls. 

Data that is not considered personal data can be contacted without consent but must be careful to only send information that is of legitimate interest to the recipient. Business email addresses, including individuals that can be identified from the name, is not considered personal data.

What are the GDPR rules about direct mail marketing?

GDPR rules apply whenever a business is processing ‘personal information’ of EU residents. However, when it comes to direct mail GDPR expects the sender to practice the concept of ‘legitimate interest’ and does not require consent in advance.

When posting marketing literature to individuals residing in the EU, make sure the content will be of interest to the recipient. Also, it is good practice to provide details of how to unsubscribe. Many marketers include a website address on the printed literature instructing the reader on how to stop future mail.

What are the GDPR rules around telemarketing and face-to-face sales?

As a marketer, under GDPR guidelines you are allowed to call individuals (EU residents) without receiving consent. However, you must still practice moral restraint to avoid complaints. You cannot do or say whatever you want. You must believe the prospect has legitimate interest before you call. Do not call them if they have told you they do not want calls and always reveal your company identity.

GDPR applies the same rules for door-to-door sales. Individuals and companies can be canvassed for marketing purposes without consent. This must be done within reasonable hours during the day and you must believe they have legitimate interest in what you’re selling. Canvassing must stop if they have asked you to do so. Your primary objective must always be to avoid complaints from those you are canvassing.

GDPR Email Marketing Data

Can I cold email under GDPR?

If by cold email marketing you mean you don’t have consent then you can only email businesses. GDPR does not allow you to email individuals (and sole traders) without their explicit consent. Business emails including business emails with their full name can be used for marketing without consent. However, you must believe they have legitimate interest in the products or services you are promoting. 

Are abandoned cart emails allowed under GDPR rules?

EU resident individuals who can be identified from their email (and associated info) must first give explicit consent before receiving marketing emails. Many occasions an individual will voluntarily enter their details (including their email) then abandon the cart. If this happens, the website owner can email them, but only regarding or relating to the abandoned cart. This is known as legitimate interest and is allowed under GDPR rules. 

Abandoned cart is not cold email marketing (where you need explicit consent to email individuals), as the individual is already aware of your products or services and brand. As a marketer you are only following up their initial interest. However, this does not mean you can email them whatever you want, it must be within the ‘legitimate interest’ realm as described and allowed by GDPR.

What are the email marketing cons of GDPR?

GDPR rules on email marketing were put in place to benefit the marketer and protect privacy of the individual. However, good intentions can come with disadvantages for both parties, the marketer and the individual.

Cons for marketers: With the GDPR rules now in place it has made it very difficult for marketers to have large mass mail campaigns. B2C marketing has restricted the marketer to send emails to those who have already consented, meaning it eradicates cold email marketing to individuals. This makes it much more expensive for marketers as they have to seek more traditional forms of marketing. 

GDPR virtually stops B2B mass email marketing due to rules instructing B2B marketing emails to be of ‘legitimate interest’. This means that the email lists need to be more targeted in order to provide content that the recipient will find relatable. No more “one email for all” tactic. 

Cons for individuals: Due to GDPR rules individuals are now limited to receiving emails from only those they have subscribed to. This removes the ability of making an informed choice regarding products and services received from mass emailing. Individuals receive less information from email regarding new innovations or better alternatives to products and services they may have already subscribed to.

How can I keep doing cold email prospecting with the GDPR rules in place?

If you were emailing individuals residing in the EU without their permission then you need to stop. Only with explicit consent can you send marketing emails to individuals to comply with GDPR rules. 

You can send cold marketing emails to businesses provided that it’s believed to be of legitimate interest to the recipient. The best way to know that your email content will be received with interest is by using targeted email lists. This also increases the chance of positive feedback and greater open rate.

How can I do email marketing under GDPR?

GDPR overall has improved email marketing and secured trust in the method. The best way to do email marketing under GDPR is to follow the rules clearly laid out. Do not send cold emails without consent to individuals (EU residents). 

Always practice ‘legitimate interest’ when writing email content. Make sure you believe the recipient will find the email content relatable. Using targeted email lists helps to comply with GDPR. Emailing to targeted groups increases the chances of positive feedback and higher open rate.

Can you send a marketing email if a business email address is on their website?

You are allowed under GDPR to send cold marketing emails to businesses. It is advised that the content of the email should be of legitimate interest to the recipient. If a company has listed their email address on their website then it is fair game for you to send them an email.

Does GDPR affect affiliate email marketing?

GDPR rules must be applied to all email marketing including affiliate email marketing. The most important rule you must take note of is the fact that you cannot cold email to individuals without their consent. 

If you are processing data of individuals residing in the EU for your affiliate email marketing campaign then you need to pay attention to the rules set by GDPR. 

Affiliate email marketing is a process of sending emails with embedded links to affiliate websites. This is no different to sending other types of marketing emails with embedded website links. Therefore, affiliate email marketers are subject to GDPR rules like any other email marketer.

How can you ensure marketing email lists comply with GDPR rules?

Your marketing email lists must comply with GDPR rules. If your list contains individuals residing in the EU that have not given you their consent to receive emails then you must remove them from your list. Also remember, sole-traders are considered as individuals and must give their consent to be on your email list. 

You are allowed to cold email businesses according to the GDPR rules. Best way to do it is to use targeted email lists and use content that you deem to be of legitimate interest to the recipient. This is to ensure less complaints and comply with GDPR ‘legitimate interest’ policy.

Has GDPR killed targeted B2B email marketing?

On the contrary, GDPR rules have made targeted email lists more desirable. Using targeted lists means that you are more likely to receive positive feedback from the recipients and a greater open rate. GDPR guidelines request email content to be of ‘legitimate interest’ to the recipient. Targeted email lists give you the ability to send content more relevant for the recipient.

Can I send emails to companies using Gmail as their business email address?

There are many companies that use Gmail as their primary business email. GDPR is highly concerned with protecting personal individual data. Business email addresses can receive cold emails from marketers according to GDPR. 

Any email address that identifies the individual is considered personal data. Therefore, if a business email identifies the employee by name then that email is considered as personal data. 

GDPR does allow cold emails sent to business emails even if the individual is identifiable from the email. In this situation the marketer must practice ‘legitimate interest’ email content when sending cold emails and have an opt-out link. 

GDPR does not stop you marketing to businesses and leaves it up to you to decide if the content you are sending will be of interest to the recipient. What you want to do is pay very special attention to this to avoid complaints.