Network Marketing/ MLM

Signing a Contract

Network Marketing/ MLM in the UK is subject to Compliance of several types.

There is dedicated legislation to regulate the MLM industry in the UK. This is generally considered to be a good thing because many Countries do not have specific legislation for MLM which can mean 'anything goes'. Having a legislative structure in the UK means the illegal schemes and scams should be kept out of our Marketplace.

Consequently, MLM is demonstrably a legitimate business form. This means anyone involved in MLM receive the benefits of self employment but they must also comply with all the other rules about running a business, including the new Data Protection Regulations, the application of which is the subject of this page.

The Reason for this Page:

In our role as an SME business Legal Advisor, Transition Law is often approached for advice regarding the application of the Law to specific industry sectors. Naturally, a lot of our current enquiries are in regard to the new Data Protection Regulations. (The GDPR. The Data Protection Act. 2018; PECR 2003 etc).


In fact, We have been approached for advice on the MLM industry so often and heard so much of the contradictory information being put out into the industry, we have decided to write a specific page for our Website that covers all of the main queries. NB: This information is designed to clarify the basic position but is, of necessity, general to the industry. It should not replace taking specific Legal advice about your own personal situation.

MLM Organisational Arrangements:

​MLM Sales Agents and the 'Team' they recruit are NOT employed staff members of the MLM Company. All Sales Agents are independent Business Owners running their own business as a separate legal entity to the corporate structure of the MLM Company.


There seems to be confusion as to whether the MLM Company's Compliance status extends to their Independent Business Owners. The clue is the word 'Independent'. The answer is simple: The Company is responsible for itself and each of the Agents are  responsible for themselves.

It is the independence of the individual Sales Agents from the MLM Company that appears to be causing confusion both within the industry and the minds of the participants as to the separation of responsibilities under the Law.

The following will clarify this:

​​How the Data Protection Regulations affect individual MLM Team Members


The Regulator for Data Protection in the UK is the Information Commissioners Office (ICO)

​There are 3 things all businesses must do to comply with the Data Protection Regulations.

1) Registration.

The first requirement under the Regulations is to Register with the ICO (unless exempt). MLM independent Business Owners MUST register in their own name with the ICO before processing any Personal Data in their business.

The ICO provide a very helpful self assessment questionnaire on their website for anyone who is not sure whether they should register or not. The questionnaire can be found by clicking HERE.



Question 7 in the questionnaire states: "Are you processing information for any of the following purposes..."

In the list below the question is the following answer option "Advertising. Marketing and Public Relations for others."

It should be self evident that MLM business owners are promoting their MLM Company's products so the answer is 'YES'. 

If you answer YES to this question you are immediately directed to the phrase "You need to pay a Fee"



2) The Information Audit

All businesses are required to know what Data they are dealing with and record the fact they have checked. Every piece of Data processed by a business must be classified as belonging to one of the 6 Lawful bases:

i.e. a business must know two things: i) Why it is processing the data. ii) What is its lawful authority for doing so.


The assessment or 'Audit' should be recorded (written down), so a business can prove that it completed the task, if it is ever asked to do so.


As an independent Business Owner in their own right, each MLM team member must complete an information audit of their business. The ICO Self Assessment information for 'Small Business Owners and Sole Traders' on this point, can be found by clicking HERE



3) Prepare compliant Paperwork and Policies showing how you deal with Data

Having completed your Data Audit, you have specific information about how your business deals with Data. E.g Where it comes from, how you secure it, How long you keep it and ultimately how you dispose of it. This is important because the Regulations require your paperwork and policies to be 'bespoke' to your business, which is only possible if they are based on a 'bespoke' Data Audit of your business.


NB: 'Copying & Pasting' someone's policies even if they run the same business type as you, does not fulfill this requirement!




Once the basics are in place in your MLM business you must maintain your compliant status by not breaching any of the other rules relating to Data Protection and business generally. There are others but these are the 3 main areas to consider.


1) Advertising & Marketing

Business Marketing post GDPR requires an understanding of the rules relating to Consent and the specific requirements of the GDPR and the Privacy & Electronic Communications Regulations (PECR) which govern the use of Emails, Text and Phone contact with prospects..

2) Gathering New Team members

Processing the Personal Data of prospective Team members (Your Downline) must be completed within the Regulations, especially in regard to repeating contact, specific forms of contact and their right to withdraw consent for contact.

3) Dealing with your own Team

Once someone becomes your Team member (joins your Downline) you have an obligation to help them with their business. You should tell them about these Regulations and if you intend to give them leads for new prospects that you have generated, you must also understand the relationship between the Data Controller (You) and a Data Processor (them).


Remember, just like you, they are running their own business. If a prospect has given you permission to talk to them, that permission does not extend to passing their details to another business (your downline Member) unless you have the correct legal paperwork in place. i.e. a Data Processor's Contract.

We can help both you and your Team members stay safe and keep within the Regulations. We fully understand the MLM industry and the players within it and Our initial advice is always FREE! Contact Us HERE

Here is a 10 point Precis of the above information:

1) MLM is a legitimate style of Business, which must comply with the Law.

2) Individual Sales Agents must register with the ICO in their own right.

3) Individual Sales Agents must complete a bespoke Data Audit for their business.

4) Individual Sales Agents must have a set of paperwork based on their Audit covering their Data Policies and procedures.

5) Individual Sales Agents may advertise the MLM Company's products, services and Business Opportunity.

6) Individual Sales Agents Advertising & Marketing must comply with the Trading Schemes Act, GDPR and PECR.

7) Individual Sales Agents may only pass leads to their Team under the provisions of a Data Processor's Contract.

8) Data offences are serious, plus the ICO 'Names & Shames' everyone they prosecute on their website SEE HERE

9) Individual Sales Agents may obtain introductory Free legal advice about Data Protection from Transition Law.

10) Any Business Owner, once compliant, may join SHIELD the voluntary Accreditation Programme, free of Charge.

Finally, some great news!

ALL compliant Businesses are entitled to membership of the SHIELD Programme. They receive their own page on the SHIELD Web Portal, use of the SHIELD logo and Free Member benefits including both Legal and Marketing advice.


NB: Membership of SHIELD is FREE OF CHARGE! Find out more at