LEAD GENERATION SERVICES AGREEMENT AND GDPR COMPLIANCE

Through Lead generation service a business aims to collect personal data of its website visitors, for the purpose of facilitating the contact with them. In fact a lead is best described as a form, where the prospective customer fills personal data as his name, sex, address, phone number, health data, orientation e.t.c.  Then the service provider sells that data to its client, for the latter to perform effective contact with the prospective customers, in the purpose of selling its products.

This kind of contracts are complex since on the one hand are usually referred to the use of special tracking techniques e.g. TRACKING PIXELS, on the other hand they may present several ambiguities concerning parties obligations for GDPR compliance. It is quite common for the parties to act both as  “Data Controllers” on their own account, without however having clarified in the contract, their respective obligations as well as the limits of their liability.

Moreover, attention must be given to the point where the person concerned (prospective client) has given its consent for the processing of its personal data, which shall cover the ensemble of the purposes for which its data are processed. That said, the person concerned has to be succinctly informed by the advertiser on the purposes of its data collection.