NHS DSPT New Submission Requirements

View All

Case Studies

Powering Alt HAN Co.'s Smart Meter Rollout

View All

Upcoming Events

LEMA Summit 2024

View All



ePrivacy for a Major High Street Bank

20th Sep, 2023


The ePrivacy Directorate requires organisations to protect the confidentiality of communications and limits tracking cookies, spam emails and texts. The client, a relationship bank, needed to effectively communicate with their vast customer base, but the ability to market to them was limited. They required data consultants to assess their compliance with the Privacy and Electronic Communications Regulation (PECR) and deliver greater choice and transparency to customers on how they wish to be contacted for the purpose of marketing. This would enable the bank to reach more of their customers through relevant and compliant communications.


The focus was to establish a Marketing Permissions strategy and controls across the bank to ensure regulatory compliance.

Our first step was to identify customer data and customer journeys that are non-compliant and edit or remove them. We did this by defining the trust of marketing permissions data and treated any untrusted with remediation and running a ‘Repermissioning’ campaign. By running this campaign to customers, the bank was able to obtain new consent to contact more of their customers in compliance with PECR and meeting our previously set parameters. We then built on this by managing tactical solutions to avoid data breaches, and strategic solutions to fix problematic journeys and data. To easily track the progress of the campaign, and assist future compliance measures, we created a datastore to act as the golden source for storage of all permissions. This was built to ensure all mechanisms can both read and update data within it.


With the solution of compliant customer journeys and a renewed source of marketing permissions, the bank will achieve compliance with PECR Regulations 2003, and GDPR EU Regulation 2016/679. On top of this, by building a centralised solution for customer contact preference and marketing permissions, the client will be able to understand the lawful basis of consent they hold for each customer. Multiple dashboards will track the operational data KDE’s and support marketing strategies. Not only did we achieve compliance with the bank, but there is also and expected increase in marketing ROI as the bank reaches more of its customers base. With these changes, we’ve improved the customers’ confidence that their permissions, preferences and consent are honoured.


Alex Ripley

Head of Consulting, Business Data Partners

Read Bio

Camilla Winlo

Head of Data Privacy

Read Bio