A quick guide to PECR and charity email campaigns

Elizabeth Carter, Charity Digital Mail Manager at Charity Digital, answers some of the top FAQ for charities around the new PEC Regulations and their email marketing and fundraising campaigns.

Guest Writer | 9th Jul 19
Image shows screen with email on it. Charities that carry out email marketing need to know their regulatory duties under PECR for charity email marketing campaigns.

Looking for a cost-effective email marketing platform for your charity? Charity Digital Mail offers bespoke email marketing for charities with expert advice and personalised support.


GDPR (General Data Protection Regulation) has been overshadowing charities since well before it came into effect in May last year. But GDPR is just part of a wider package of changes around how organisations handle personal data. PECR complements the GDPR regime and sets out more-specific privacy rights on electronic communication.

Charities that deal in any kind of email or electronic communications with donors and supporters also need to be aware of the risks of not complying with PECR, or potentially be open to the same damaging penalties that they face under GDPR.

We’ve given answers to some of the top questions charities have asked us around PECR and their email marketing campaigns. Please bear in mind that this is a quick guide! The advice below is a simplified overview – for the full regulation make sure you read all of the guidance on the ICO website. Or go here to read more on the specific guidance for direct marketing,


Q: What is PECR?

PECR stands for Privacy and Electronic Communications Regulations. Its complete title is ‘The Privacy and Electronic Communications (EC Directive) Regulations 2003’. It is derived from the European ePrivacy Directive.

Both GDPR and PECR sit alongside the Data Protection Act. The latest version of PECR launched on 9 January 2019, to cover some of the changes left by GDPR on 25 May 2018.

PECR gives people specific privacy rights in relation to electronic communications.

There are specific rules on:

  • Marketing calls, emails, texts and faxes
  • Cookies (and similar technologies)
  • Keeping communications services secure
  • Customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings


Q: Does it apply to my charity?

PECR will apply to you if you:

  • Market by phone, email, text or fax
  • Use cookies or a similar technology on your website; or
  • Compile a telephone directory (or a similar public directory)

PECR stipulates that you must not send marketing emails or texts to ‘individual subscribers’ without specific consent.


Q: What are some of the main changes for charity email marketing campaigns?

PECR defines the means of gaining permission to send email marketing. Email marketing can be sent to individual subscibers with consent. For consent to be valid it must be:

  • Freely given
  • Specific
  • Informed
  • Collected with a positive affirmative action

Further requirements to meet new standards for consent under GDPR and PECR:

  • You must be able to demonstrate when and how consent was given and for what type of marketing
  • Consent must be obtained distinctly from an agreement to other terms and conditions
  • Information must be provided in simple language

With the new standards, your existing data will need to be re-permissioned where:

  • You have no records of what someone consented to receive
  • You have no record of when someone gave consent
  • If consent was previously bundled with other terms and conditions
  • If language on sign-up forms and in privacy statements was not simple and transparent


Q: What changes need to be made to sign-up forms?

Under PECR, you need to:

  • Keep records of sign-up forms and wording
  • Record when, where and how consent was provided
  • Make sure consent is separate from other terms and conditions
  • Make sure sign-up process is simple and transparent
  • Make sure you explain marketing subscription options and your customer’s rights
  • Keep language simple

Q: What can happen if I dont comply?

The ICO has several ways of taking action to change the behaviour of anyone who breaches PECR. They include criminal prosecution, non-criminal enforcement and audit. The Information Commissioner can also serve a monetary penalty notice imposing a fine of up to £500,000 which can be issued against the organisation or its directors.


Q: What should charities running email marketing campaigns be doing  if they havent already?

Charities should do their own investigation online and read up on the guides and sources provided by the ICO, undergo an ICO self-assessment and make the most of online tool kits. It’s also worth getting clarification of your PECR position from an independent, professional assessor or by calling ICO helpline on 0303 123 1113.



Want to stay on top of the latest tech news in the third sector?

Get top insights and news from our charity digital experts delivered straight to your inbox three times per week.