Are there any Data Protection related concerns?
Using ContactFinda in itself does not contravene any existing Data Protection laws or regulations; this includes the General Data Protection Regulation / UK Data Protection Act 2018 / Privacy & Electronic Communication Regulations 2003 (PECR).
However, users will need to ensure they can justify their subsequent use of ContactFinda sourced data. This includes:
- Identifying an appropriate legal basis for communicating with any ContactFinda sourced contacts – see ICO guidance
- Meeting PECR obligations in terms of this communication – see ICO guidance
ContactFinda does not provide any legal advice in this regard and users must satisfy themselves that they are correctly implementing any applicable legislation.
Search Results - Data Storage
Search results are not stored on the user’s device, the data is temporary in nature and is hosted by the Microsoft Bing Search Engine and only shown on screen via ContactFinda; this data is lost as soon as a new search is requested, or the Application is closed. Therefore, there is no residual data in ContactFinda to worry about or justify.
Search Results - Data Sources
ContactFinda sources business contacts (not individuals) using information they have chosen to make public online via their LinkedIn profiles.
Information is not taken or scraped from LinkedIn, it is taken from data held in Bing and is covered by their Ts & Cs
Search Results - Data Security
ContactFinda implements industry standard security – the application makes API calls via HTTPS to the Bing server.
Search Results - Direct Marketing
The contact details sourced via ContactFinda, while personal in respect of GDPR, are still business contacts (not individuals), so business-to-business (B2B) marketing rules will apply.
The Privacy & Electronic Communication Regulations 2003 (PECR) govern how you should use data to market directly to organisations; this depends largely on the nature of marketing undertaken – guidance is available here.
Search Results - Objections to Contact
Should an identified contact object to your use of their contact information, this is perfectly within their rights and you must respect this. You should add them to an ‘opted out’ list and ensure you do not contact them again in the future.
Should an identified contact question how you have accessed their information, you should advise them that you have sourced this from their public internet profile. If they no longer wish to be found by ContactFinda, they can ask Bing or LinkedIn to remove their public profiles, using instructions on the following links:
Both these options may take a couple of weeks to take effect.
ContactFinda is a quick, easy and convenient way to source business contacts.
Use of ContactFinda does not contravene any current data protection legislation.
The data displayed is not retained / stored in ContactFinda, so there are no ongoing data protection considerations in relation to the Application itself; these considerations only apply if you create a local copy of the data in whatever form.
The data displayed using ContactFinda is public in nature, however the names of business contacts and firstname.surname@company email addresses are treated as personal data under the GDPR and therefore your subsequent use of this information is regulated.
You must ensure you:
- Identify an appropriate legal basis for processing ContactFinda sourced data
- Comply with Direct Marketing laws (PECR) – the contact details sourced, while personal in respect of GDPR, are predominantly business contacts
(ie: not individuals – though you must exercise care in relation to sole traders, who are seen as individuals under the legislation), so generally B2B marketing rules will apply.
- Offer an ‘opt-out’ for anyone you contact with unsolicited marketing and ensure you respect this for future correspondence.
- Meet other GDPR requirements including having appropriate security and procedures in place to effectively store and manage this data, if you
save it locally.
ContactFinda does not provide any legal advice and all users must agree to our Terms & Conditions each time they access the Application.
AC Data Compliance has independently reviewed the ContactFinda website / Application, the findings contained in this report are based on this independent review and on clarification provided by the website / application proprietors.