PECR Compliance Checker

Consent Collection · Question 1 of 12

Do you send marketing emails or SMS to people who have not explicitly opted in?

Consent Records · Question 2 of 12

Do you record the exact consent wording shown to subscribers at the point they opted in?

Consent Records · Question 3 of 12

Can you show, for any given contact, when they consented, where they consented, and what wording was displayed?

Consent Collection · Question 4 of 12

Do you use pre-ticked consent boxes on any signup form?

Soft Opt-In · Question 5 of 12

Do you email existing customers about similar products/services without explicit consent (soft opt-in)?

Soft Opt-In · Question 6 of 12

If you use the soft opt-in, do you document all four required conditions for each contact?

Third-Party Data · Question 7 of 12

Do you use third-party data (purchased or shared lists) for email marketing?

Third-Party Data · Question 8 of 12

For any third-party data, can you trace the consent chain back to the original collection and prove it covers your specific marketing?

Ongoing Compliance · Question 9 of 12

Does every marketing email include a clear, working unsubscribe mechanism?

Ongoing Compliance · Question 10 of 12

Do you process unsubscribe requests within 28 days?

Investigation Readiness · Question 11 of 12

Do you have a documented process for responding to an ICO investigation about your marketing practices?

Investigation Readiness · Question 12 of 12

Could you produce a complete consent evidence pack for any contact within 48 hours if the ICO requested it?