Our Compliance

Data compliance and protection is at the heart of everything we do at DBS Data.

Please take a moment to watch this short video about what we might do with your details.

All of our data is GDPR, PECR & DPA compliant and within The DMA (Direct Marketing Association) and ICO (Information Commissioner’s Office) guidelines.

We are recognised by The DMA as being fully compliant. The DMA’s audited process reviewed our complete approach to key data issues such as:

• Supplier and client relationships and contracts
• Consent, privacy, security, age, engagement of data
• Suppression policy
• Retention policy
• Staff training
• Selection, extraction and delivery of data

Our Privacy Policy

Please follow this link to our Privacy Policy

Our Ethical Data Policy

We have a duty to protect our audience and that means not just being compliant but also going further. We also have an ethical data policy that ensures that our audience remains engaged with truly targeted, relevant and timely communications. Our ethical data policy states the following:

• Exclusion of individuals aged 75+
• No offers can be deemed a nuisance, including but not limited to PPI, Pension pot, time-share, loan decline/sub-prime, payday loans, hearing aid, smoking, gambling
• Mail piece, email copy, phone script must be approved for EVERY campaign. For intermediaries/resellers indicative copy may be acceptable dependent up how established the relationship with their client is.

Our Data Collection Policy

DBS Data collects data from a variety of sources from the public domain such as The Electoral Roll, Companies House and Land Registry, and from consented online and offline lead generation and surveys. Our contributors of consented data collect permissioned data compliant with all applicable laws, regulations and guidelines surrounding the use of third party data.

Our Data Retention Policy

DBS retain data subject’s details for as long as they are valid, accurate and up to date or until such time that a data subject chooses to unsubscribe directly with us or via one of our partners who are making use of their details provided by us. We maintain regular contact and we ensure that data subjects have the opportunity to opt out at least once every six months.

Our Suppression Policy

• A contributor (or a client) requests it be suppressed (actioned within 7 days of request)
• Processing determines the record to be inaccurate
• Marketing activity determines the record to be invalid
• The record matches to a DBS suppression file
• The data subject requests (by any means) that their details be suppressed (actioned within 7 days of request)
• No offers (opportunities to opt-out) have been sent to the data subject for six consecutive months

Data Subject Access Requests (DSARs) & Opting Out

DBS aim to respond to DSARs within two working days and in most cases within one working day. Data subject requests (by any means) that their details be deleted/removed/suppressed are actioned within 7 days of a request. Regardless of whether we hold a data subject details we are pleased to add them to our suppression files (Remove my details) to ensure that we do not make use of them now or in the future should they so choose. Further, we assist data subjects should they wish to be removed from other industry lists.

Our Data Protection Policy

Please follow this link to our Data Protection Policy

Applicable Legislation, Directives, Guidelines and Codes of Practice

• GDPR
• PECR and soon, ePrivacy
• DPA
• The DMA Code
• FCA Guidance 
• The ICO

Other useful data compliance links include:-

• Due Diligence Q & A’s