top of page

Watch out for Privacy Laws, Salestors!

Privacy Laws have been around for a long time, but they are a new entrant in the legal fraternity of many developing countries.

Privacy Laws exist to safeguard the personal data of citizens of a country. This mainly includes their identification information like name, phone number, email ID, residential address; their financial records, their healthcare data or medical records and technological data like browsing history.

As per United Nations Conference on Trade and Development (UNCTAD), 66% of countries globally have legislation in place about privacy laws, 10% of countries have draft legislation waiting to be passed, while 19% of nations have no privacy laws in place.

Did you know that India happens to be in the 66% set of nations that have privacy laws in place?

As per a survey conducted by Demand Gen Report in the EU, only 43% B2B Sales Reps were aware of their Privacy Laws. I bet a lot of salespeople, or Salestors, in India, are still unaware of what these laws are and how do they impact selling.

It is important to understand the Privacy Laws of a country especially if you are serving even one of its citizens, or are targeting that country for business.

For instance, if your business is not based in the EU, but if you own any data that belongs to an EU citizen, you need to comply with their Privacy Laws.

To do that, you need to know what Privacy Laws entail, both globally and in India. Read on.

The Privacy Laws

Briefly, privacy laws usually have these three basic traits:

  • The right to dispense any kind of information, whether personal, financial, medical or technological, remains with the customer. Companies cannot first capture the data by default and then give an option to the customer to erase it.

  • Anyone collecting customer data needs to apprise them of what it will be used for. There is no scope for ambiguity there.

  • Anyone collecting customer data needs to give them the option to erase or withdraw it anytime.

Some of the Privacy Laws that have drawn a lot of attention globally are the EU’s General Data Protection Regulation (GDPR), California Consumer Privacy Act (CCPA) and New York’s Stop Hacks and Improve Electronic Data Security (SHIELD) Act. All these laws came into effect in 2018.

The US has a lot of laws on data protection and privacy. Besides, different states are in the process of introducing their privacy laws.

For Europe, GDPR is the core of data privacy legislation. It is the EU’s mechanism to give more power to the citizens to protect their personal information and device data like IP address, mobile device IDs and encrypted data. It provides the consumers with the right to know when their data is hacked. It also requires the organisations to provide ‘the right to be forgotten’ to EU citizens allowing them to get their data deleted when they don’t want it processed further.

In India, there are three Acts on Data Protection and Privacy; the Information Technology Act, 2000, its amendment introduced in 2008 and Article 21 of the Indian Constitution (Right to Protection of Life and Personal Liberty). In August 2017, Hon’ble Supreme Court had ruled that Privacy is a fundamental right under Article 21.

The IT (Amendment) Act, 2008, has two key sections regarding Data Protection:

  • Section 43A aims to protect sensitive personal data through security mechanisms and provides for the compensation of the person affected by wrongful loss or wrongful gain;

  • Section 72A covers the punishment for the person who is held responsible for the wrongful loss or wrongful gain caused by leaking of sensitive personal data/information of the victim while serving him/her under the terms of a legal contract. The accused can face a fine of up to Rupees five lakhs or a prison term of up to three years.

So can sales and privacy laws coexist? Let’s find out.

Sales Amidst Privacy Laws

Amongst the first steps in Sales is Lead Generation, which involves cold calling/emailing. This step requires accessing the consumer’s personal data especially the name, contact number and email address. Data Protection rules can create a lot of legal resistance in getting the contact information of prospects.

Basically, Privacy Laws can be a Salestor’s nightmare.

The launch of privacy laws should not be the end of the world for salespeople. The question is how can Salestors coexist with privacy laws and still engage in smooth outbound sales?

Here are some suggestions.

Social Selling

Social media is a great tool for lead generation and connecting with prospects. People convey a lot of personal information on their social media profiles and are willing to connect for networking and business interaction.

Networking Sessions

Webinars or seminars, or networking events might just be the best tool to connect with the right people without worrying about breaching their privacy.


Getting contacts through references is one of the strongest methods of lead generation that isn’t against any privacy or data regulation. However, if the lead wants you to stop contacting them, you have no option but to oblige.

Subscription Forms

The best way to take permission from each client for accessing their personal data is through online forms (like this one here) and providing a link to your privacy statement. These are the forms that ask website visitors for their personal data like name, email ID, company name, et al. Once the website visitors fill-up the form, they receive an email confirming their data is being accessed, saved and will be used.

It is important to include an ‘Unsubscribe’ option in every email sent to the visitors. You don’t want an irate subscriber marking you as spam!


It is the most basic step to ask the visitors to your website for permission to store and use their personal data and browsing history. This is done by requesting them to accept cookies on the website.

Notification Preferences

Consider this scenario. You offer your website visitors a discount on products/services if they subscribe to your website. They accept the offer and provide you with their name, mobile number and email ID.

Now, usually, Privacy Laws make it mandatory for you to give the visitors a choice of which all emails or notifications to receive. This can be done through a notification preferences form, like the one below. You can include details of all categories of promotions or services therein.

Privacy Laws in India are not as stringent as in many developed countries right now. But the Indian government’s stand on Whatsapp’s Privacy Policy recently shows we are on our way. Moreover, Indians are doing business with global partners on a daily basis. Ultimately, the idea behind privacy laws is that businesses everywhere need to operate while respecting the confidentiality of their clientele.

Show some support! Hit ❤️

41 views0 comments


Click Meeting Pic1.jpg
MobiSystems Banner PDF Extra.jpg
bottom of page