Create Account
Friday 20th September 2019 | Telephone numbers on TPS: 18,965,060 | Telephone numbers on CTPS: 2,122,967 | Total numbers registered: 21,088,027
01451 860805

Staying within the law when marketing by phone

Making marketing calls legally may be more complicated than you might think.

It can be an expensive business if you don’t stay within the law too, not to mention the potential damage it can cause to your own or your client’s reputation and brand.

Companies not meeting their legal obligations can be fined up to £500,000 by the Information Commissioner's Office (ICO). Monetary penalties have been issued for making repeated marketing calls to numbers listed on the Corporate / Telephone Preference Service (C/TPS) registers and ignoring people’s objections to those calls including:

  • Home Energy and Lifestyle Management Ltd – £200,000
  • Nationwide Energy Services Ltd – £125,000
  • We Claim U Gain Ltd – £100,000
  • MyIML – £80,000
  • Cold Call Elimination Ltd – £75,000
  • EMC Advisory Services Ltd – £70,000
  • Omega Marketing Services Ltd – £60,000
  • Assist Law – £30,000
  • IT Project Ltd – £40,000
  • Brighter Home Solutions Ltd – £50,000
  • MyHome Installations – £50,000
  • HPAS Ltd (trading as Safestyle UK) – £70,000
  • Laura Anderson Ltd (trading as Virgo Home Improvements) – £80,000
  • True Telecom Ltd – £85,000
  • Energy Saving Centre Ltd – £250,000
  • Approved Green Energy Solutions – £150,000
  • IAG Nationwide Ltd – £100,000
  • Our Vault Ltd – £70,000
  • AMS Marketing Ltd – £100,000
  • Oaklands Assist UK Ltd – £150,000
  • ACT Response Ltd – £140,000
  • Secure Home Systems Ltd – £80,000
  • DM Design Bedrooms Ltd – £160,000
  • Solartech North East Ltd – £90,000
  • Alistar Green Legal Services – £80,000
  • Avalon Direct Ltd – £80,000
  • Smart Home Protection Ltd – £90,000
  • Making it Easy Ltd – £160,000
Contact Us and see how we can help


1. The Law

To understand your obligations fully, it’s a good idea to be aware of the two main pieces of legislation relating to making marketing phone calls and using data.

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016) is based around seven principles of good information handling. See The ICO's GDPR guide for more details. The Data Protection Act 2018 is the UK's implementation of the GDPR.

The Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) sets out rules for sending marketing and advertising by electronic means, such as by telephone, fax, email, text and picture or video message, or by using an automated calling system. A new ePrivacy Regulation is currently being finalised and will replace PECR. See The ICO's PECR guide for more details.


2. Making Marketing Phone Calls Legally


Live calls

The rules on live marketing calls are in regulation 21 of PECR. In short, you must not make unsolicited live marketing calls:

  • to anyone who has told you they don’t want your calls; or
  • to any number registered with the TPS or CTPS, unless the person has specifically consented to your calls – even if they are an existing customer.
  • for the purpose of claims management services, unless the person has specifically consented to your calls; or.
  • in relation to pension schemes unless you are a trustee or manager of a pension scheme or a firm authorised by the Financial Conduct Authority, and the person you are calling has specifically consented to your calls or your relationship with the individual meets strict criteria.

You must always say who is calling, allow your number (or an alternative contact number) to be displayed to the person receiving the call, and provide a contact address or freephone number if asked.

So if you’re making live calls you must:

  1. Screen telephone numbers against the Telephone Preference Service register(s) before calling and every 28 days:
    • Telephone Preference Service (TPS) – if you’re calling individuals, sole traders and/or partnerships.
    • Corporate Telephone Preference Service (CTPS) – if you’re calling companies and corporate bodies (including Limited, PLC, Limited Liability Partnership, Scottish Partnership, goverment body, school, college and charity).
    • Screen against both registers to be 100% safe.
    • Use a full C/TPS licensee like 121prodata to ensure legal compliance.
  2. Keep your own in-house do-not-call list of anyone who says they don’t want your calls. Screen lists that you call against your own do-not-call list – and do not call them.
  3. Make sure that you do not disguise a marketing call as a market research call. This is known as ‘sugging’ (selling under the guise of research). If the call includes promotional material or collects data to use in future marketing, the call or message will be for direct marketing; you must say so and comply with the DPA and PECR direct marketing rules.

What are the rules on automated calls?

The rules on automated calls are in regulation 19 of PECR, and are stricter. You must not make an automated marketing call – that is, a call made by an automated dialling system that plays a recorded message – unless the person has specifically consented to receive this type of call from you. General consent for marketing, or even consent for live calls, is not enough – it must specifically cover automated calls.

All automated calls must include your name and a contact address or freephone number. You must also allow your number (or an alternative contact number) to be displayed to the person receiving the call.

For further information, see the ICO’s guidance on direct marketing.


3. Purchased Lists

If you are calling purchased or rented lists of prospect data you cannot simply rely on the data seller to have complied with the law. It is your responsibility to make sure that the data is legally compliant. You will need to:

  • check the origin and accuracy of the list.
  • check the legal basis for processing e.g. legitimate interest or consent.
  • check when and how consent was obtained, if relevent, and what it covers.
  • NOT use bought-in lists for texts, emails or recorded calls (unless you have proof of opt-in consent within last 6 months which specifically names or describes you).
  • screen against the TPS/CTPS.
  • tell people where you got their details and how they can exercise their rights.

One way to ensure that the data that you’re calling complies with the legislation is to use data providers that are Direct Marketing Association (DMA) members. See www.dma.org.uk



4, Exploding a Myth

Many people think that it is not necessary to screen against TPS or CTPS if the number being called is an existing customer. This will depend on the level of consent:

An organisation might want to continue calling an existing customer who has registered with the TPS even though they have not specifically consented, because it is confident in light of the past relationship that they would not object. However, calls in these circumstances are in breach of PECR and could result in enforcement action. Direct Marketing, ICO

If you regard an individual or company as a customer and have an ongoing relationship e.g. they have made purchases within the last 6 months, and you have consent, you are entitled to call them even if they are TPS-registered, unless they have told you specifically that they object to receiving marketing calls.



What do I do next?

For further information, see the ICO’s guidance on direct marketing.


Or call Spencer Clarke,
Director, 121prodata Ltd on 01451 860805
  • C/TPS licensee – online self-service, managed service and API service available
  • Data, direct & digital marketing advice & outsourcing
  • GDPR & ePrivacy Regulation support


The content above is intended only to provide a summary and general overview on matters of interest. It is not intended to be comprehensive nor does it constitute legal advice. We attempt to ensure that the content is current but we do not guarantee its currency. You should seek legal or other professional advice before acting or relying on any of the content above.

Contact Us and see how we can help