Where can I buy data from?

8 minute read

As is common when attending exhibitions, at least 5 people asked me last week where they can get data from to populate their email marketing databases. It’s a valid question, after all, ‘collect’ is the first part of the 5-step permission marketing process, and without people to write to there’s not much point in creating an email campaign.




You can buy data and there are many people out there, both genuine and unscrupulous, who will sell or lease it to you. It’s common to hear from such suppliers that they are valid subscribed contacts who are happy to hear from you, but taking this approach opens a whole load of issues which you should at best seek to avoid, or at least be aware of.

Firstly, there’s the legal issue.

Although there are confidentiality exceptions, the buying (and selling) of data is not inherently illegal, but depending on what you do with it you should at least know where you stand. Here’s a brief summary of the legal situation. Essentially, if you don’t have direct, explicit permission from the intended recipient you must:

– have obtained details via a previous sale of your products or services, and
– demonstrate a last transaction or contact less than 12 months ago, and
– now be marketing similar products, and
– include an opt-out available of at point of collection, and
– include an opt-out available in all emails sent, and
– include company legal name, registration number, address and contact details in every message, and
– be registered with the ICO as a data controller

The above conditions are actually either required or good practice for permission based data too, and although it’s a longish list it’s relatively easy to comply with. Please don’t think you can ignore this. Anti-spam legislation is being increasingly enforced and there are a number of high-profile cases of prosecution.

Secondly, the practicalities.

The fact is true permission is a one-to-one relationship that can only be given directly. It can’t come from a third party. So when a data broker tells you that all of their database has opted in to receive emails from other parties just like you, it may well be true, but true or not, it doesn’t really matter. It’s not permission. Similarly just because subscribers haven’t opted out, it doesn’t mean that they are therefore opted in. It must be a positive action, and again there are cases of enforcement against those who confuse or abuse these two states of permission.

Then there’s the real question. It’s actually a common misconception that email marketing is a great way of prospecting. The whole point about email marketing is to use it to develop a long-term and sustainable relationship with your contacts – as Seth Godin, the originator of the permission concept put it it’s ‘the process of turning strangers into friends and friends into customers’. That relationship starts out gradually and is built on permission and the trust of providing continued value and of non-abuse – it is easy to destroy this with unwelcome email.

Genuine permission relationships (whether they are for email, direct mail or telephone contact) are completely possible but whether these are obtained through website forms, point of sale sign-ups or text-in SMS subscriptions they take time and effort to develop. It all sounds frightfully moralistic because non-permission email happens all the time – but is it really viable, is it of any real benefit, and would you want to receive it yourself? Organic list building is the best-practice standard and the optimum situation. Those who voluntarily raise their hand, that is prospects who opt-in on their own terms, are almost always better for business than someone who has no connection or familiarity with your company.

So where does that leave us with purchased data?

Even if it’s apparently current, segmented, and from a reputable source, we’d strongly recommend against buying and using bought data (that’s strongly, strongly), partly for the reasons above, but also because, in my humble experience, and sorry to all of the data brokers out there – it simply doesn’t work well, probably exactly because of the reasons above.

If you do have data for which the permission credentials are less than perfect, bought or otherwise inherited, think carefully. It may do more harm than good contacting them. However, if the data falls into the grey area where it’s genuine but not ideal from a permission perspective then a ‘managed opt-in campaign’ may be a way to proceed. Managed opt-in is intended as a polite and non-intrusive way of (re)establishing permission. It certainly shouldn’t be viewed as a default contact strategy, but handled correctly it can be effective.

Firstly make sure that all of the legal issues in terms of sender identification and opt-out are covered. Then make a brief approach outlining why you are getting in contact, why you feel that your content will be of relevance and value, and inviting your reader to sign up – this can be by email, but telephone contact can also work.

Many of course won’t (sign up that is). Many will simply ignore or delete you and some will take up your offer to unsubscribe. Think of all of these responses as a positive outcome – establishing non-permission is important too so all of these should be removed from future contact, not just the unsubscribes. For those who positively reply you have now started on your permission journey.

It’s worth mentioning that managed opt-in needs to be done under controlled circumstances. Even with the best intentions it’s easy to get yourself or your email service provider into hot water. If you’d like to know more or need some practical guidance it’s one of the things our professional services team can help you with.