Quick Guide To Direct Marketing Compliance

With introduction of POPIA (Protection of Personal Information Act) one of the major changes is the way we market to current and potential clients. In electronic marketing it was previously sufficient to allow for opt-out option but this has changed in the fact a client must actually first opt-in to receive marketing by giving their consent rather than opting out. This affects email, SMS, automated voice machines and fax marketing in a big way so most main channel electronic direct marketing are affected.

We have put together a quick frequently asked questions to guide you to comply with new legislation

What is direct marketing as its referred to?
For purposes we would consider direct marketing and form of push marketing trying to communicate to a person with marketing material typically these include email, SMS, automated voice machines bulk faxes and similar types of channels.

Is direct marketing illegal?
In short the answer is NO but you must make sure you comply. At the bottom of this article we have put in a guide and recommendations to follow when deciding to pursue direct marketing

Is that the end to direct marketing?
Direct marketing is a legitimate practice recognised worldwide and is here to stay for now but regulation on how it is practiced has changed worldwide and stricter laws apply on how it may be done. In South Africa POPI places an emphasis on how we conduct this practice to pursue and find new clients.

Can I still send marketing emails, SMS?
Yes, you can but importantly you need to get permission from the intended recipient and clearer record that you got consent if they are no your existing client.
In real world practice this would mean you could email a potential client first to request consent before actually sending any marketing as a once off email. Should they give consent and its recorded and clear you may market to that potential client as long as they have the ability to opt-out and all other regulations regarding the marketing is compliant.
The information regulator (still to be appointed) may also issue enforcement notices to get proof of consent which can land you in some serious legal issues should you not be able to comply.

What about telephone calls and cold calls?
You may still do this even without consent but remember to have processes in place to handle opt-out as well as dealing with the client’s disputes/queries which you need to be able to disclose as per section 18 of POPIA, things like

• Where was the information obtained
• What is done with information
• Disposal of the information

Does that mean leads lists or leads generation is illegal?
The aim is to stop SPAM in a spray and pray type marketing. Sourcing up to date quality leads from reputable sources that comply with regulations IS LEGAL. This generally means those leads are very targeted and the potential client has an interest in a type of good or service. Again you will need to make sure you record things like consent and reputable providers can give you this information

Your existing clients, what is marketing?
– Service related email and notices without marketing intention do not require opt-in but it is still a good idea to allow opt-out if they are non-critical servicing email or SMS notices
– Existing clients must be given option to opt-out of marketing related emails but opt-in is not compulsory we suggest to request opt-in to safe guard yourself in future

Guide To Best Practice And Our Recommendations

1. Check the current “Do not market register” currently handles by the Direct Marketing Association www.dmasa.org The persons that register their details on these databases have stated they do not want to be marketed to and as such do not market to them
2. Make sure your terms and conditions and privacy policies cover consent and how you deal with personal information
3. All direct marketing especially electronic channels like email and SMS to new / potential clients requires opt-in consent.
4. Consent must be choice driven and must be specific for the purpose. So a blanket opt-in should not be used for all products and services 
5. It should be clear and give the person sufficient information to make the above decision in terms of giving their consent.
6. You should notify the client in terms of section 18 of POPIA to be safe and sure. See more about this in article “Informing consumer about data collection”
7. Do not make opt-out process cost the client so although replying to SMS STOP is opt out the client must incur this cost which we suggest is not a good reputation business practice to follow 
8. Always have secure systems to record all opt-in and opt-out events so that you can easily prove these events if ever requested to do so. Many online tools and providers can handle this process with all required compliance.
9. Although POPIA does not require consent in all instances according to section 11 we still advise to do so since there is no grey area should you have the required clear consent