Why does this matter?
Marketing consent is not information “for one department only”. It is a decision made by the data subject, and it should be respected across the entire organisation.
If a customer, contractor or subscriber withdraws consent to receive marketing communications, the company must be able to effectively stop any further activities based on that consent. The problem arises when consent information is scattered across different places: a CRM system, an email marketing platform, Excel spreadsheets, a call centre database, web forms, event tools or local files maintained by different teams.
In such a situation, one department may record the withdrawal of consent, while another continues to act on the basis of outdated information. In practice, the company no longer knows which version of the data is current.
What can go wrong?
The biggest risk is the lack of a single source of truth for the status of marketing consents.
If an organisation does not have a central consent register or an effective synchronisation mechanism between systems, withdrawal of consent may not reach all the places where the data is used. The same person may then appear as “unsubscribed” in one system and as “active” in another.
This kind of error may occur in particular when:
- different departments use different contact databases,
- data is exported to files and later used in campaigns,
- the email marketing system is not integrated with the CRM,
- consents are collected through forms, events, landing pages and sales representatives, but are not transferred to one database,
- employees manually update consent status,
- the company has no clear rule as to which system is authoritative.
As a result, withdrawn consent may be accidentally overwritten, omitted or replaced with an older status. From the data subject’s perspective, it may look as if the company has ignored their decision.
Potential breach scenario
A customer signs up for a newsletter while downloading material from a website. Their consent is recorded in the email marketing system and in the CRM. A few months later, the customer clicks the “unsubscribe” link in an email. The email marketing system records the opt-out, but the CRM is not updated.
A week later, the sales department prepares a marketing campaign. It exports contacts from the CRM, where the customer still appears as a person with active marketing consent. The employee does not know that the consent has been withdrawn in another system. The customer receives an email with an offer, even though they had previously opted out of marketing communications.
The customer files a complaint. The company starts an internal review and discovers that consent statuses are inconsistent across systems. There is no central register, no automatic synchronisation, and individual departments are working with different versions of the data.
Such an incident may mean not only a loss of customer trust, but also the need to conduct an internal compliance review, document the error, change the process and, in certain cases, face the risk of proceedings before the supervisory authority.
What not to do?
- Do not manage marketing consents solely in scattered spreadsheets, local files or separate departmental databases.
- Do not export marketing lists without checking the current status of consents and objections.
- Do not allow older data imports to overwrite more recent consent withdrawals.
- Do not base marketing campaigns on databases whose source, update date and consent status are unclear.
- Do not leave decisions about whether consent is current to employees who do not have access to the person’s full contact history.
Remember!
Withdrawal of consent must be effective across the entire organisation, not just in one system.
The rule is simple: a company should know the current consent status of a given person, where that status comes from, when it was changed and which systems use it.
The safest solution is a single source of truth for marketing consents or a well-controlled synchronisation mechanism between systems. This way, withdrawn consent does not “come back to life” simply because another department was working on an outdated database.