Direct Marketing, Internet Technology Communications & Outsourcing Flashcards
What is the definition of direct marketing?
Any form of sales promotion
True or False: Direct marketing includes direct marketing by charities and political organisations?
True
Define this concept: Direct Marketing
Any form of sales communication directed to particular individuals
What is excluded from Direct Marketing with respect to the GDPR?
(1) Messages that do not include personal data, and
(2) Messages that are purely service related
True or False: Under the GDPR, individuals have a limited right to object to direct marketing, only in certain circumstances.
FALSE - individuals have an absolute right to object to direct marketing.
How does the GDPR apply to direct marketing?
It applies to all direct marketing.
How does the ePrivacy Directive apply to direct marketing?
It applies to DIGITAL MARKETING, specifically outlining rules to impact avertising behaviour.
What requirements does the GDPR place on Controllers with respect to direct marketing?
(1) Clearly and explicitly inform individual of right to opt out,
(2) Allow opt out across all channels and
(3) Honor opt out requests, remove personal data and profiling.
True or False. Postal marketing are subject to the ePrivacy Directive
False.
True or False: Telephone marketers are subject to the ePrivacy Directive.
True.
Controllers must ensure they satisfy the general requirements of the GDPR.
True or False. Email marketers are subject to the ePrivacy Directive.
True.
Controllers must ensure they satisfy the general requirements of the GDPR.
True or False: In the absence of mandated consent, controllers may require on legitimate interests for direct marketing
True subject to conditions
What are the conditions that allow direct marketers to rely on legitimate interests in the absence of mandated consent for direct marketing?
Balance the following:
(1) Whether individual is existing customer
(2) Nature of products/services
(3) Whether controller previously told individual whether they would send direct marketing communications
True or False. Mandated consent is required for direct postal marketing
True in MOST member states
True or False. Email marketing requires prior consent.
True - subject to additional considerations
True or False. A controller may send unlimited email marketing material provided they have the individuals consent.
False.
Even with consent, email marketing is still limited by the following:
(1) Controller markets similar material
(2) Individual must have ability to opt out at time details are collected
(3) Individual is reminded of ability to opt out with each communication
Name information that must be included to recipients of direct marketing emails.
(a) Address for opt out
(b) clear identity of sender
(c) Clear indication of commercial message
(d) Clear promotional offers
(e) Clearly identified promotional competitions
Define: Online behavioural advertising
Advertising based on individual interests.
Example: Facebook loves to marketing to individuals via what style of direct marketing.
Online behavioural advertising
True or False: the ePrivacy directive will apply to online behavioral advertising, regardless of whether the data constitutes personal data.
True
True or False. Under the ePrivacy Directive, consent is required to use cookies.
True.
Article 5(3)
Define web cookies.
Text file stored by website for later use.
What is a text file stored by a website for later use?
Web Cookie
What is shared infrastructure governed by a supplier?
Cloud Computing
Define a controller with respect to cloud computing,
i. Determines substantial and essential elements of the means of processing
ii. Processes data for own purpose, or
iii Determines aspects of processing outside controller’s instruction
What is a site that users IP address, cookies, user log files, etc.
Search Engine
Define a search engine with respect to data usage
Site that uses IP address, cookies, user log files, etc.
True or False. Search engines are data controllers
True
What is SNS?
Social Network Services
Are Social Network Services (SNS) Providers data conrollers?
Yes
What transparency obligations are applicable to SNS Providers?
Transparency Obligations
(i) Marketing purposes and right to opt out
(ii) Personal data shared with third parties
(iii) Also, profiling, sensitive personal data, risks to privacy, and consent to third party.
What is outsourcing?
when data processing is carried out by another party, such as a service bureau.
True or False: The GDPR established direct legal obligations between processors and controllers.
True.
The GDPR establishes direct legal obligations applicable to service providers acting as ‘processors’ whilst giving an increased emphasis to the contractual obligations in place between customers and data processing service providers.
Which party is primarily responsible for data privacy compliance?
Data Controller.
What is an example as location based marketing?
“Individuals passing by their local coffee shop may receive an invitation for a free coffee, whilst those passing retail outlets may be offered a discount to enter the store and do some shopping.”
Excerpt From
IAPP_E_TB_European-Data-Protection_2nd_Edition
This material may be protected by copyright.
True or False. The GDPR will apply in most location based marketing.
True.
“The Regulation applies whenever the use of location data involves processing of personal data and therefore will apply in most, if not all, instances of location-based marketing”
Excerpt From
IAPP_E_TB_European-Data-Protection_2nd_Edition
This material may be protected by copyright.
True or False. The ePrivacy directive requires opt in consent to use their location data.
True.
“The ePrivacy Directive requires that individuals give opt-in consent to use their location data to provide a ‘value-added service’.19”
Excerpt From
IAPP_E_TB_European-Data-Protection_2nd_Edition
This material may be protected by copyright.
