Can You Still Cold Call Under GDPR?

If you work in B2B sales, you probably make a lot of cold calls.

Maybe you’ve heard scare stories about GDPR, the EU’s rules around data protection that came into force in May 2018.

Did it ban cold calling? Are you breaking the law whenever you pick up that phone and dial that number? 

We’re here to tell you not to worry!

The good news is, as long as you cold call responsibly, you’re on the right side of the law.

In this article, we’ll look at how the GDPR relates to cold calling, and what you can do to avoid a tap on the shoulder from the authorities!

Keep scrolling 👇 for our guide.

What is the GDPR?

The General Data Protection Regulation (GDPR) is a set of rules that aims to give people more control over their personal data and what companies can do with it.

It came into effect in May 2018, with authority over the EU and the EEA. After Brexit, the UK adapted the GDPR rules to create its own ‘UK GDPR’. 

Under the GDPR, companies can only use someone’s personal data for sales and marketing activities if they can prove they have the lawful right to do so. Activities covered by the GDPR include cold calling, email marketing and social selling.

How does the GDPR affect B2B cold calling?

The answer is - not a huge amount!

You can still cold call B2B prospects as long as you do it in the right way. In B2C, the GDPR rules have all but outlawed cold calling.

As long as you handle your prospect’s information correctly (including allowing them to opt out of future calls), you can cold call them, provided you have what is called ‘legitimate interest’.

Cognism’s legal team had this to say about legitimate interest:

“Legitimate interest means you’re contacting prospects about a product or service which is genuinely appropriate for them.”

“When you have legitimate interest, you’re not calling up to waste their time or push a product that they have no use for. Of course, no reputable B2B sales team should be doing that anyway!”

However, bear in mind that legitimate interest can be overridden by a prospect’s wish not to be contacted. That’s why it’s important to make sure that the prospect you’re about to call is not on any ‘do not call (DNC) list’ - that’s a list of people that never want to receive sales calls.

Unfortunately, there is no EU-wide do-not-call list (that would be too easy!); you have to go nation by nation.

The good news is, all phone numbers provided by Cognism’s B2B data platform are screened against TPS/CTPS in the UK and other global Do-Not-Call lists, making them safe for cold calling.

What should sales reps do on their cold calls?

Following the rules around legitimate interest and opting out isn’t hard. In fact, it’s what you should already be doing as a professional B2B salesperson.

Put yourself in your prospect’s shoes. Would you want your day to be interrupted in the same way you’re about to do? If the answer is no, don’t dial that number.

When you make the call, start the conversation by telling the prospect who you are and why you’re calling. Two things can happen here: 

1. If the prospect doesn’t want to talk to you, thank them politely, put the phone down and don’t call them again.
2. If you’re allowed to continue, tone down the hard sell. Instead, ask questions, listen to the answers and adapt your pitch to what they say.

Why must sales reps follow the GDPR?

Following the GDPR may sound complicated, but you need to pay attention to it.

If you’re caught cold calling prospects in a non-GDPR-compliant way, the consequences could be disastrous.

Companies that are found guilty of not complying with the GDPR can be fined up to 4% of their global turnover, or €20 million - whichever is higher. 

You don’t want that on your conscience!

Compliant cold calling best practices

So, how can you make sure you’re always on the right of the GDPR when you cold call?

Here are some tips from Cognism’s legal team:

• Make sure all the phone numbers you call are screened against TPS/CTPS in the UK and other European do not call lists. Remember that the desire not to be called is ranked higher than legitimate interest.
• Ensure you know where you obtained every phone number in your CRM; you must be able to prove that you acquired them legitimately.
• Make it simple for prospects to opt out of future contact, including erasing their data.
• Have privacy policies that inform your prospect of their rights under the GDPR.
• Use tech to manage your calls – including your call history and the number of times you call a specific number.
• Protect your prospects’ personal data at all times.
• Train your salespeople on data protection, GDPR and how to cold call in a compliant way.

While this may look daunting at first, it should only require a slight change in approach. 

In B2B sales, you only make a sale if you can solve a problem. Successful sales teams don’t waste time contacting prospects if they don’t believe they can help in some way.

With a little bit of forethought and care, in addition to having a compliant B2B data provider like Cognism in your tech stack, your team will always stay on the right side of the GDPR.

How Cognism maintains GDPR compliance

Cognism is a compliance leader, providing GDPR and CCPA-compliant data. We maintain compliance with the GDPR in the following ways:

• We conducted our Article 14 Notification Project, ensuring that the contacts in our database are aware that we hold their data.
• All the mobile numbers in our database are cross-checked against global DNC lists.
• We have an in-house Legal & Compliance team and have partnered with a leading UK law firm to ensure that our data aligns with the GDPR and CCPA.
• We are ISO 27001 certified and registered with the ICO, the UK regulator.

Remove the compliance burden from your sales operation today - click 👇 to request your demo.