26Mar, 2018

GDPR – the difference between B2B and B2C marketing

There is some confusion over how to comply with GDPR if you are B2B company. In fact I spoke to a business recently that is making a great GDPR effort for their B2B database, but is this necessary?

GDPR documentation does cover B2B marketing but the rules are not as strict as the B2C changes.

Is your marketing B2B or B2C?

A simple thing to look at is the email addresses you hold. For example info@”” looks like business email address whereas george@”” is personal. So checking the email domain is a good way to tell if you have personal data.

There are other simple questions to ask yourself:

  • Are you selling consumer products?
  • When you collected the data what did you tell the person you were going to use it for?
  • Are you trying to sell to a business?

The B2C marketing rules

This is where you will see the most change. The new legislation is designed to protect consumers and for this group you will need proper (explicit) consent before sending them marketing messages.

If you cannot demonstrate clear consent from your database then you really need to stop using the data. If you do, be aware that the punitive risks are greater than that of previous regulation. It could as high as €20M or 4% of turnover (whichever is higher), so there is very good financial reason to comply. The actual amount will be worked out on a case-by-case basis.

The B2B Marketing rules

In most cases marketers can continue to target the business email address so long as they provide a soft-opt-out mechanism – at least an unsubscribe feature. Also companies must identify themselves, and provide contact details.

Each company will have different obligations under GDPR. However, in most cases it is likely that an individual’s work email address will be considered ‘personal data’ as it usually includes the individual’s name. In this scenario “legitimate interest” can be used to as justification to send relevant marketing messages. However, the person would need to reasonably expect to receive such communication from you and if they don’t engage, you no longer have consent. So keep messages business related, relevant and within expectations!

This is not a GDPR workaround! Sending consumer led messages via a business email address without consent is not a good idea.

Despite the GDPR impact on B2B communications being less strict that B2C communications, this doesn’t mean that a review of your communications and policies is not needed. As all your business contacts are also consumers in their private lives, it is likely that their expectations will change. If you are targeting companies via a business contact, I would recommend that you still keep content relevant and timely to match these changing expectations. Even without impending GDPR changes, this really is best practice marketing.

Regardless of whether your company is B2C or B2B you should take GDPR seriously. Reviewing the official documents and referring to the ICO (Information Commissioner’s Office) is a good place to start. Lastly be sure to seek out professional advice.

About The Author
I am a proud husband, father and space-nerd. I love business and data so I try to combine the two as much as possible. This passion led me to launch Geopify.