You are viewing the version of the document as on 2024-12-23.

PDCOB 7.1 Obligations on firms under general privacy laws

PDCOB 7.1.1 G

1 Firms are reminded of the need to comply with data protection legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR).

PDCOB 7.2 Cookies

PDCOB 7.2.1 G

1A firm that wishes to use cookies, pixels, tags or similar technologies to track customers, is, in particular, reminded of the following requirements in the data protection legislation and the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR):

  1. (1)

    the requirement to obtain the customer’s consent for that technology to be used, unless the conditions in the PECR are satisfied.

  2. (2)

    that the acceptance of non-essential cookies should not be a pre-condition of using any of the services on the pensions dashboard platform.

PDCOB 7.3 Obtaining a customer’s details for marketing purposes

PDCOB 7.3.1 R

1A firm must not:

  1. (1)

    add a customer’s details to its marketing database, unless the customer has actively elected to be added; or

  2. (2)

    undertake direct marketing to the customer, unless the customer has actively elected to receive direct marketing from the firm.

PDCOB 7.3.2 R

1Before requesting that a customer actively elects to receive direct marketing from the firm, the firm must tell the customer how and why their details will be processed.

PDCOB 7.3.3 R

1A firm must not require the customer to agree to direct marketing as a condition of using the pensions dashboard platform.

PDCOB 7.3.4 R

1A firm must not provide a customer’s details to another person for marketing purposes.