top of page
  • Writer's pictureTransition Law

Self-Employed Sales People are in the Firing Line!

6th July 2018

If you are part of a self-employed sales team/ business opportunity/ Franchise etc., you already understand that you are running your own business.

Recently, you will no doubt have been informed by your Company how important the new GDPR and Data Protection laws are. (They have to do this by Law). Your Company may have told you that you are their ‘Data Processor’ and given you an addendum to your contract about GDPR. SOME Companies have also told their Self-employed sales team to get an Information Commissioners Office (ICO) Licence for themselves.

What they probably didn’t tell you, is that if you generate your own business leads, (which is the vast majority of you) the protection of THAT Data falls squarely on your shoulders!

An ICO licence without bespoke policies prepared for your business, is effectively useless. This means you are required, to have an ICO licence, complete a Data Audit, keep records, write a bespoke Privacy Policy for your own business etc.

If you have not done so, you WILL NOT be compliant in Law and you risk being reported to the ICO.

Why should I care – Doesn’t the company look after all this?

The short answer is ‘NO!’

Your Company has protected themselves, they have created their own Privacy policy and they have contracted with you as a Data Processor for all THEIR data. They are not responsible for the Data you collect and process, until it becomes their data.

E.G, your ‘Sales funnel’, your prospects who never actually buy, your Self generated leads for business, the people you call regularly because you know they will buy something or join up eventually!

Unless the Company provides and controls EVERY lead you get,  the everyday work you do as a Sales Person is NOT covered by THEIR Privacy policy, so it MUST be covered by YOURS!

But, there’s ONLY me in ‘my business’

Here is a quote from the ICO website advice for small businesses

“You’ll have to comply with the GDPR regardless of your size, if you process personal data.”

Enough said.

How would the government ever find little old me?

We have said this so many times before - Unless someone sends you a Subject Access Request (SAR) they probably won’t but anyone could send you an SAR then complain about you to the Information Commissioners Office (ICO). Whereupon, the Government has found you!

Am I not covered by my Franchisor, Industry body, professional organisation etc?

Once again the short answer is ‘NO!’

A large number of British businesses of all sizes are still struggling to comply themselves, let alone thinking about organising and protecting things they are NOT liable for i.e. YOU!

In the last few weeks We have spoken to various stake holders in the Direct Sales industry, members of large globally recognised firms, UK National Franchisors, Company Directors of International Network Marketing Companies and the answer has always been the same:

“We have protected ourselves, the self-employed must make their own arrangements.”  

One Company Director said they teach their members that ‘if you pretend every contact is your personal friend the ICO won’t care.’

PLEASE NOTE: Even if everyone you speak to is a personal friend, if you use their data for business without a licence, believe me, the ICO WILL care!

The Direct Selling Association (DSA) only represents the Direct Selling Companies, not their agents, Salespeople, Distributors etc.

However, they produce a Member’s business code which in clause 9 requires its members to require their ‘direct Sellers’ to “take appropriate steps to ensure the protection of private information provided to them by consumers”.

We suggested to the DSA that appropriate steps presumably means ‘follow the law’ but their spokesperson told us although they produce the business code of conduct for their members, there is little they can do if the members ignore it.

As far as those in authority are concerned, You are on your own! It is your legal responsibility to make your own arrangements.

As a Law firm we have already been approached by clients who want to send SARs to people they simply don’t like! Clearly the GDPR could become a busybodies charter!

If you do not know what to do or even where to start, the best thing to do is take professional legal advice, such as the FREE GDPR assessment offered by

An initial telephone conversation to identify your particular requirements, if any, takes less than 10 minutes, costs nothing and could save you a BIG fine and/or a CRIMINAL record!

1 view0 comments


bottom of page