We can make live unsolicited marketing calls, but must not call any number registered with the TPS (the Telephone Preference Service) unless the subscriber (i.e. the person who gets the telephone bill) has specifically told us that they do not object to our calls. In effect, TPS registration acts as a general opt-out of receiving any marketing calls.
In practice, this means that to comply with PECR we should screen the list of numbers we intend to call against the TPS register.
We can only call a person listed on the TPS if that person has notified us that they do not object to our calls. This needs to be a positive step to express their wishes – in other words, consent. For example, they might have ticked an opt-in box agreeing to our marketing calls, confirmed during a previous conversation that they do not object to our calls, or signed up for a service where there is a clear and prominent statement that doing so indicates that they do not object.
It is not enough that someone simply failed to object to past calls, or failed to take positive steps to opt out of calls. For example, we cannot assume that failing to click on an unsubscribe link, or not replying to an email inviting them to opt out, is notification that they do not object. They must have taken a proactive step to ‘notify’ us of their wishes.
If someone who we have called in the past subsequently registers their number with TPS, we should not make any more marketing calls to them from that point. Even if they have not specifically objected to calls in the past, registering with TPS acts as a general objection which all organisations must respect. We can only call the person again if they have already specifically consented to receive our marketing calls. If so, the fact that they later register with TPS will not override that specific consent, and we may continue to call them.
We might want to continue calling an existing customer who has registered with the TPS even though they have not specifically consented, because we are confident in light of the past relationship that they would not object. However, calls in these circumstances are in breach of PECR and could result in enforcement action.
When making calls we must always say who is calling, allow our number (or an alternative contact number) to be displayed to the person receiving the call, and provide a contact address or freephone number if asked.
NB: PECR does not stop organisations making marketing calls to numbers not registered with the TPS. However, if we know the name of the individual we are calling, we must still comply with the GDPR. In particular, we cannot make marketing calls to them unless it is fair to do so.
We must have obtained the person’s contact details fairly and lawfully to start with. In short, the person should be aware that the College has their number and plans to use it for marketing purposes. We must not make any calls that the person would not reasonably expect, or which would cause them unjustified harm.
The rules on automated calls – that is, calls made by an automated dialling system which play a recorded message – are stricter. Organisations can only make automated marketing calls to people who have specifically consented to receiving automated calls from them. Consent to receive live calls is not sufficient. Indirect consent (i.e. consent originally given to a third party) is also unlikely to be sufficient.
Note that the same rules apply to marketing calls made to businesses. Sole traders and partnerships may register their numbers with the TPS in the same way as individual consumers, while companies and other corporate bodies register with the Corporate Telephone Preference Service (CTPS). So organisations making business-to-business marketing calls will need to screen against both the TPS and CTPS registers.