Sales prospecting is governed by a specific legal framework. In France, sales prospecting and the CNIL (National Commission for Information Technology and Civil Liberties) are closely linked. The CNIL ensures compliance with current legislation regarding the protection of personal data. The CNIL provides information and support to companies in their compliance efforts. It also safeguards users' rights regarding data processing and has the power to monitor and sanction any breaches. How can you align your sales prospecting activities with the CNIL's requirements? What do you need to know to prospect in B2B in the era of the GDPR?
The CNIL (National Commission for Information Technology and Freedoms) is an independent administrative authority created in 1978 and responsible for ensuring the protection of users' personal data in the digital world.
It plays a regulatory role on data protection issues. It assists professionals in complying with regulations. And it also helps individuals gain better control over their data.
In practice, the CNIL carries out 4 missions:
Commercial prospecting and the CNIL (French Data Protection Authority) are particularly scrutinizing companies' prospecting activities. Indeed, to prospect, companies must create, purchase, or rent an internal database containing personal data.
Personal data encompasses all information relating to an identified or identifiable natural person. For example, an email address, telephone number, occupation, age, and gender are considered personal data. Behavioral data collected online, for example, as part of an inbound marketing strategy, is also personal data, provided it is linked to an identity.
Therefore, any company, in its prospecting activities, is subject to the compliance requirements of Commercial Prospecting and the CNIL and liable to sanctions in case of breaches.
The entry into force of the General Data Protection Regulation (GDPR) on May 25, 2018, raised many questions among professionals. Indeed, many feared that the new legislation would affect their prospecting activities.
Indeed, the GDPR, commercial prospecting, and the CNIL strengthen companies' obligations at 4 levels:
However, the GDPR does not change the rules applicable to marketing emails. On this point, the rules in force come from the e-Privacy Directive, transposed into French law in Article L.34-5 of the Postal and Electronic Communications Code.
Need more leads?
Try Magileads !
The actions of commercial prospecting and the CNIL (French Data Protection Authority) aim to regulate the processing of personal data. "Data processing" refers to any operation or group of operations performed on personal data. This therefore covers the entire data journey: collection, recording, organization, storage, modification, retrieval, consultation, use, etc.
Therefore, maintaining a prospecting file, a customer database or collecting data via web forms must comply with the requirements of the CNIL.
Firstly, all data processing must correspond to a clear and specific purpose. This purpose must obviously be legal but also legitimate in relation to your professional activity.
Next, if you collect data, you must be able to inform your contacts about how you use their personal information. You must also guarantee that the data is used in a way that respects their privacy.
Therefore, virtuous data processing must meet several requirements:
In practice, the GDPR now requires companies to maintain a record of the processing activities they carry out. But, above all, the legislation raises questions on two crucial points: the concept of consent and the right to object.
For B2B professionals, the GDPR hasn't fundamentally changed existing legal rules. The principle remains that of prior notification and the right to object. When collecting an email address, you must inform the individual that it will be used for marketing purposes. You must also ensure they can easily and freely object to this use.
In practice, explicit consent from the prospect (opt-in) is strongly recommended by the CNIL (French Data Protection Authority), but it is not mandatory in B2B (unlike in B2C). Therefore, it is permitted to continue using opt-out email marketing provided that:
In all cases, each email must include:
When you use a sales prospecting file that you have purchased or rented, you are carrying out data processing operations. However, you are not involved in the data collection phase.
Nevertheless, when contacting prospects by email on your behalf, you are required to comply with current regulations and, ideally, to respect the ethical recommendations issued by commercial prospecting and the CNIL.
When you first communicate with the contacts on the list, you must inform them of how to exercise their rights, including the right to object, as well as the source of the data used.
Next, each of your messages should include:
You must also regularly update your file, taking into account unsubscribe requests from contacts.
The CNIL (French Data Protection Authority) only recommends obtaining consent from contexts. However, when you are looking for a provider to purchase or rent a contact list, you will benefit from inquiring about their data collection methods.
Certainly, you can contact prospects from non-opt-in lists. But be aware of the consequences.
Most email services have powerful algorithms that allow them to detect non-opt-in lists or lists that are already heavily used. By using an unscrupulous provider, you risk being blacklisted. Your emails will land directly in spam folders, and your deliverability will be permanently affected.
If your messages do manage to reach your recipients' inboxes, you also run the risk that they will mark them as spam.
It is therefore essential to verify the data source with the service provider. Furthermore, you should also work with a finely segmented list. Indeed, sales prospecting and the CNIL (French Data Protection Authority) require that solicitations be directly related to the contact person's job title.
Effective segmentation will make your initial contact feel more natural. Finally, and obviously, the relevance and quality of your message will impact how your contacts react and engage.
The actions of commercial prospecting and the CNIL (French Data Protection Authority) aim to regulate the processing of personal data. "Data processing" refers to any operation or group of operations performed on personal data. This therefore covers the entire data journey: collection, recording, organization, storage, modification, retrieval, consultation, use, etc.
Therefore, maintaining a prospecting file, a customer database, or collecting data via web forms must comply with the requirements of the CNIL.
Firstly, all data processing must correspond to a clear and specific purpose. This purpose must obviously be legal but also legitimate in relation to your professional activity.
Next, if you collect data, you must be able to inform your contacts about how you use their personal information. You must also guarantee that the data is used in a way that respects their privacy.
Therefore, virtuous data processing must meet several requirements:
In practice, the GDPR now requires companies to maintain a record of the processing activities they carry out. But, above all, the legislation raises questions on two crucial points: the concept of consent and the right to object.
For B2B professionals, the GDPR hasn't fundamentally changed existing legal rules. The principle remains that of prior notification and the right to object. When collecting an email address, you must inform the individual that it will be used for marketing purposes. You must also ensure they can easily and freely object to this use.
In practice, explicit consent from the prospect (opt-in) is strongly recommended for sales prospecting and is subject to CNIL (French Data Protection Authority) regulations, but it is not mandatory in B2B (unlike B2C). Therefore, it is permissible to continue using opt-out email marketing provided that:
In all cases, each email must include:
When you use a sales prospecting file that you have purchased or rented, you are carrying out data processing operations. However, you are not involved in the data collection phase.
Nevertheless, when contacting prospects by email on your behalf, you are required to comply with current regulations and, ideally, to respect the ethical recommendations issued by commercial prospecting and the CNIL.
When you first communicate with the contacts on the list, you must inform them of how to exercise their rights, including the right to object, as well as the source of the data used.
Next, each of your messages should include:
You must also regularly update your file, taking into account unsubscribe requests from contacts.
The CNIL (French Data Protection Authority) only recommends obtaining consent from contexts. However, when you are looking for a provider to purchase or rent a contact list, you will benefit from inquiring about their data collection methods.
Certainly, you can contact prospects from non-opt-in lists. But be aware of the consequences.
Most email services have powerful algorithms that allow them to detect non-opt-in lists or lists that are already heavily used. By using an unscrupulous provider, you risk being blacklisted. Your emails will land directly in spam folders, and your deliverability will be permanently affected.
If your messages do manage to reach your recipients' inboxes, you also run the risk that they will mark them as spam.
It is therefore essential to verify the data source with the service provider. Furthermore, you should also work with a finely segmented list. Indeed, sales prospecting and the CNIL (French Data Protection Authority) require that solicitations be directly related to the contact person's job title.
Effective segmentation will make your initial contact feel more natural. Finally, and obviously, the relevance and quality of your message will impact how your contacts react and engage.
Need more leads?
Try Magileads!
MagiLeads provides its clients with a global B2B contact database.
This database includes B2B decision-makers (executives, business leaders, HR managers, marketing directors, etc.). It is built from data collected on the web, then aggregated and structured according to a proprietary algorithm.
Therefore, the data contained in our database is public data, accessible to everyone on the Internet, which we are responsible for scraping and structuring to comply with commercial prospecting and the CNIL.
Unlike some purchased databases, we give you access to a much larger and constantly updated database.
Next, it is your responsibility to make responsible use of the marketing data and the CNIL (French Data Protection Authority) information we provide. Our general terms and conditions of sale require you to comply with applicable regulations and, in particular:
By adhering strictly to best practices in sales prospecting and CNIL regulations, we guarantee optimal long-term use of our services. Indeed, we reserve the right to exclude any client who does not comply with these rules in order to protect our database.
Sales prospecting and the CNIL (French Data Protection Authority) ensure the protection of citizens' personal data. The CNIL intervenes in all data processing operations, from the methods of data collection to its use in sales prospecting activities. Consequently, B2B prospecting can only be conducted within the legal framework guaranteed by sales prospecting regulations and the CNIL. By applying practices that respect the authority's recommendations, you protect yourself from potential penalties. Adherence to ethical rules should also guide you in choosing a service provider specializing in data supply.
Need more leads?
Try Magileads!
They use our sales prospecting tool
Need more leads?
Try Magileads!
More articles on Sales Prospecting and the CNIL (French Data Protection Authority)
B2B Sales Prospecting: Finding Clients Effectively Article Summary What is sales prospecting? (sales, prospects…) Sales prospecting is an essential activity for the success and sustainability of a business. To identify business opportunities,
B2B Prospecting: The Ultimate Prospecting Plan
Prospect B2B: Why is it difficult? Prospecting B2B: The ultimate prospecting plan B2B prospecting is an activity that does not always have a good press. For salespeople, the approach often appears time -consuming, tedious and off -putting. Indeed,
