In many cases you must obtain prior 'opt-in' consent to send marketing communications, and it is always good practice to use opt-in boxes when collecting contact details for marketing purposes.

You should tell people what methods of marketing communication you are going to use, eg email, text, phone, automated call, post.

You should ask for consent to pass contact details to third parties for marketing, and name or describe those third parties with enough detail to give people an informed choice over marketing.

You should record when and how you obtained consent, and exactly what it covers to ensure you do not inadvertently contact people against their wishes. You can keep a 'suppression list' of people who don't want to receive marketing.

* * Direct marketing checklist, ICO

* Consent, in ICO direct marketing guidance

* The DMA Code, Direct Marketing Association website

* What counts as consent?, in Electronic and telephone marketing, ICO Guide to Privacy and Electronic Communications Regulations

Neither the DPA or PECR ban the use of bought-in marketing lists but you should take steps to ensure the list was compiled fairly and accurately, reflects people's wishes and is reasonably up to date.

You should check when and how consent was obtained, and what it covers to ensure you do not inadvertently contact people against their wishes.

You should always screen bought-in lists against the TPS when making live marketing calls.

You should avoid using bought-in lists for emails, texts or automated calls unless you have proof of 'opt-in' consent within the last six months, which specifically names or describes your business.

You should tell people where you got their details if asked.

* Direct marketing checklist, ICO

* Buying a marketing list, in ICO direct marketing guidance

The DMA Code, Direct Marketing Association website

* Using marketing lists, ICO Guide to Privacy and Electronic Communications Regulations

You must screen live marketing calls against the TPS. The only exception to this rule is where people have told you that, for the time being, they do not object to receiving such calls.

It is good practice to maintain your own 'do not call' list to screen live marketing calls.

You must obtain prior 'opt-in' consent to make automated marketing calls. There is no exception to this rule.

You must identify your business and provide a valid business address or Freephone number. You can do so in the content of an automated call recording or when asked during a live call.

* Direct marketing checklist, ICO

* Buying a marketing list, in ICO direct marketing guidance

The DMA Code, Direct Marketing Association website

* Using marketing lists, ICO Guide to Privacy and Electronic Communications Regulations

You must obtain prior 'opt-in' consent to send electronic marketing messages by email, text, picture or video messaging. The only exception to this rule is where you intend to contact previous customers about similar products or services provided by your business, and they were offered an 'opt-out' when you first collected their contact details.

You must identify your business and provide an easy means to opt-out of receiving further electronic marketing with every message. You should therefore provide a valid email address or short code number for texts (as long as this does not incur premium rate charges). It is good practice to provide a link to your website for further contact details.

It is good practice to maintain your own 'do not contact' list to screen electronic marketing messages.

* Direct marketing checklist, ICO

* Marketing texts and emails, in ICO direct marketing guidance

The DMA Code, Direct Marketing Association website

** Electronic mail marketing,, ICO Guide to Privacy and Electronic Communications Regulations

** Marketing campaigns, in ICO marketing sector guidance

Section 11 of the DPA gives individuals the right to issue your business with a written notice that their details should not be used for marketing purposes. Your business must comply with this notice. It is good practice to acknowledge the notice and confirm the marketing will stop.

It is good practice to screen marketing mailings against the Mailing Preference Service (MPS), and you should also maintain your own 'do not contact' list to screen those who have notified you directly that they object to the receipt of marketing mailings.

* Preventing direct marketing , ICO Guide to data protection

* Direct marketing checklist, ICO

* Marketing mail,, in ICO direct marketing guidance

** Postal marketing , in ICO marketing sector guidances