GDPR & B2B Cold Email Outreach

contact us

What is GDPR?

General Data Protection Regulation (GDPR) is the biggest change to data protection law since the 20th century and replaces the Data Protection Act of 1999.

GDPR effects all businesses who contact businesses within Europe from May 2018, and there are considerable fines for non-compliance of up to €10 to €20 million Euros, or between 2% and 4% of your annual turnover. The rules about the fines themselves are very complicated – but let’s just say it’s enough for many business owners to be paying attention.

The ways that GDPR can effect your business are many, especially if you use any kind of consumer database, or external databases that include personal details of EU citizens including email delivery services such as Aweber, Mailchimp, etc. I will not go into details of those things in this page, as you should seek legal advice regarding those.

Let’s look at the specific process of B2B cold outreach that the Email Marketing Robot software automates.

What is B2B cold outreach?

The common process of searching for a business, looking up their contact details, and contacting them is known as “B2B cold outreach” in marketing lingo. It sounds fancy, but happens millions of times a day in businesses throughout the world. It’s an established way of doing business.

There are many instances where you will search for businesses, look up their contact details, and make an initial contact. This could be in the process of finding suppliers, getting quotes for materials and services, and outreach to potential clients when prospecting for new business.

Cold email outreach is the same process but conducted specifically over the email protocol. It is comparable to making the same cold outreach communication by sending a letter, a text message, or a telephone call and would be treated the same under GDPR.

How GDPR effects cold email outreach

Experts agree that under GDPR legislation you must identify a legitimate interest, show the process is necessary, and balance it against individuals rights to freedoms, and privacy. Specifically it concerns the personal data of individual citizens, and does not apply to legal entities data, but it’s still worth considering since many businesses are owned by sole proprietors.

Let’s say that you sell marketing services to small business owners for example. You know they have a legitimate interest because the same business types often renew their membership with you year after year, therefore you are likely to be permitted to email other business owners in the same business categories one time to ask if they would be interested in receiving information, or ask who the best person to contact would be.

When you have established that a prospect may have a legitimate interest in what you can offer them, it is likely permitted that you can email the prospect multiple times without an opt-out link under GDPR so the rules are pretty lenient. Best practice in the marketing industry would normally dictate that an out-out link is included.

However, GDPR guidelines say that it would be questionable to email a prospect ten or more times whether or not they respond to you. It would be a better option to email them once asking for the best person to contact, then focusing on emailing that person directly.

How the Email Marketing Robot protects you

The Email Marketing Robot was designed at the first outset with anti-spam measures in mind.

The software will only email each business once by default, unless you choose to clear the list from time to time. That makes it compliant with the GDPR recommendation that you respect the freedoms of individuals you are emailing.

Also the Email Marketing Robot has a built-in domain blacklist and email blacklist, giving the operator the ability to easily opt out individuals by their email address, or organisations by their domain name. This ensures that those who do not wish to be contacted are never again contacted even if the email history is cleared.

The Email Marketing Robot database does not include any personal data such as name, address, ID numbers, IP addresses, RFID tags, cookie data, location, health information, family history, racial or ethnic origin, biometrics and even sexual orientation and political opinions – so there is no need to worry about that with our software at least.

What you need to do:

Here are your key responsibilities under GDPR as an Email Marketing Robot operator:

  • Target your ideal client accurately.
    Think about the geographic location you want to cover, and the specific types of businesses that represent your best clients. If you do that, then most likely it is OK to make contact using the Email Marketing Robot, a telephone call, a letter, or a manually sent email. You must have a good enough reason to be contacting the businesses with your email, be it a legitimate interest, necessary for initiating a contract, or required under a legal obligation.
  • Respect peoples wishes.
    If someone asks you not to contact them again honour the request. Make a note on their file not to contact them again, and ensure staff understand what this means. The best way to do this is use the email and domain blacklists within the Email Marketing Robot, or equivalent functions of other software and systems you are using.
  • Don’t harass people.
    If you regularly clear the list of sent emails so that everyone is contacted again, consider doing that less frequently. Depending on your particular industry and target market, it might be reasonable to not email cold prospects more often than once a quarter for example. Don’t bombard people who haven’t subscribed with emails every few hours!
  • Be honest.
    Make sure that your email subject line is not a trick to open the email, as this can result in annoyance. You know what it’s like when you see a video on YouTube or on Facebook with a headline that forces you to click it – and the content normally doesn’t live up to the promise. Instead, have a clear email subject line that conveys the key benefit that the reader is likely to receive if they take action.

An email of a GDPR-compliant B2B cold outreach email:

Targeting: “business networking”, UK towns and cities list.

From: “James Winsoar” <>
Subject: Fill your business networking events with visitors

Dear John,

I found your website on Google, and wondered if you are growing your networking group because I help owners of business networking groups using a marketing system that I’ve developed.

Several directors of business network groups use my system already from groups including BNI, BforB, and other networking groups who report increased visitor numbers, more new member applications, more business, and even more buzz in the room.

If this may be of interest to your organisation I would be happy to send further details. Please can you let me know who to send that information to?

I look forward to you reply,

James Winsoar,
Android Marketing.
Phone: +44 (0)7967 646039

PS. There is a free trial of the system available, so you can put it to the test yourself and get some quality local business owners along to your next meeting.

Unsubscribe info: If you don’t mind missing out on quality local business owners visiting your groups, and all the business and referrals they can bring to your members reply with the word “OPTOUT” in the subject line.


Remember this is NOT legal advice, this is just marketing tips based on what we have learnt from other blog posts about GDPR.

Always do your own research, check your own targeting and email copy for compliance, and above all seek professional advice. A specialist in data protection law will be able to give you advice specific to your business, and you can also learn more for yourself on the official GDPR website.

Wishing you continuing success with your B2B cold email outreach!

Leave a Reply