Your browser is no longer supported. For the best experience of this website, please upgrade to a newer version or another browser.

Your browser appears to have cookies disabled. For the best experience of this website, please enable cookies in your browser

We'll assume we have your consent to use cookies, for example so you won't need to log in each time you visit our site.
Learn more

Legal implications of "custom audiences" advertising

Facebook and Twitter have recently launched “custom audiences” tools, which offer retailers a novel way of targeting advertisements to their customers.

Retailers need to be aware that there are data protection considerations when thinking of taking advantage of this new technological development.

What are custom audiences tools?

The tool works by allowing retailers to compile a “hashed” list of customer data, usually email addresses, which social media sites can match to their users’ profiles. This enables retailers to send advertising directly to their customers via the social media pages that customers are using.

Consent requirements

Although it may not be immediately obvious, electronic advertisements sent in this way will constitute “electronic mail” under the Privacy and Electronic Communications Regulations. This means that, in the same way that customer consent is required for email or SMS marketing, the customer’s consent to marketing via custom audiences tools must be obtained before any advertisements may be sent.

It is best practice to obtain consent through a positive opt-in option rather than an opt-out. This can be satisfied through the use of a “tick box” when the information is first collected asking the customer to tick if they want to receive marketing via social media channels. The Privacy and Electronic Communications Regulations requires consent to be specific and informed. This means that in order to obtain valid consent, retailers will need to be sufficiently transparent with customers and explain that they would like to send marketing via social media sites, as well as via conventional email marketing.

Pre-ticked boxes should be approached with caution, as the Information Commissioner’s Office has indicated that a pre-ticked box may not indicate a valid consent.

Opt-out requirements

When sending any form of direct marketing, retailers must identify themselves and provide a valid address to an individual who can then send a request to opt out. This means including within any advertisement either an identifiable logo or the name of the retailer. An address provided in a privacy policy may be enough to satisfy the opt-out requirement, but best practice is to allow an opt-out through the same media in other words, include an opt-out link within the advertisement itself. In any case, the opt-out processes must allow for all forms of direct marketing to be stopped within a reasonable period of time.








Have your say

You must sign in to make a comment

Please remember that the submission of any material is governed by our Terms and Conditions and by submitting material you confirm your agreement to these Terms and Conditions. Links may be included in your comments but HTML is not permitted.