What is PECR and Why is it Important

Privacy and Electronic Communications Regulations or PECR

PECR is a law in the United Kingdom that emphasizes electronic marketing channels like call, text, emails, cookies, etc. giving people certain rights to protect their data.

Table of Content

What is PECR?

The Privacy and Electronic Communications (EC Directive) Regulations 2003 is a law in the United Kingdom enacted to protect data and privacy by making it illegal to send marketing communications without prior permission from the recipients. The list of actions include emails, text, and even transmitting of automated recorded message for direct marketing purposes through calls without the prior consent of the concerned individual. PECR is also known as 'E -privacy directive,'

Why was PECR enacted?

With the advent of technology, many apps capture customers' data that can be used wrongly by businesses. The encroachment of businesses into the private lives of individuals with marketing mailers and text was seen as a violation of privacy. PECR is an extension of the privacy laws and sets more stringent conditions on electronic communications for marketing. PECR protects customers' data giving them privacy to work freely.

What are the regulations of PECR?

PECR gives regulations regarding access to customer details to business organizations set up in the UK and EU, and these rules also apply to businesses which are currently operating in the UK. Even if a company is not based out of the UK or EU, it has to abide by data protection rules set out under Article 3 of GDPR while interacting with individuals in UK and EU.


PECR is UK-specific data protection law while GDPR is related to European data protection law. GDPR focuses on the collection and processing of personal data while PECR set rules for the same. However, PECR is not part of GDPR, but they both complement each other as organizations need to follow both laws.

PECR Violations

Under PECR, the information commissioner's office can issue admonishment and penalties. If the organization violates PECR, then it can be counted as a criminal offense. The actions of breaking the law can cost up to £500,000.

Email marketing and PECR

There are specific rules set under PECR which express the following regulations.

  • You can't send emails without prior permission. However, in some specific conditions, you can send emails to your existing customers without consent.

  • You can't hide your email address while sending marketing emails.

  • Customers must be able to unsubscribe if they do not wish to receive emails.

  • You must not support anyone sending emails that violate the law.

These same rules apply to instant messaging channels like SMS.

PECR and Cookies

PECR also sets rules for the use of cookies as it tells the behavior of customers visiting the website like how much time they spend on a specific product. Once this information is recorded, there are chances that there might be a misuse of the data. So it becomes necessary to have certain limits on the usage of cookies.

  • The organizations must give the right information on their website or apps regarding the usage of cookies, and what data they will collect and the purpose behind collecting the cookies should be clear.

  • The customer must first permit businesses to use their cookies. Only after this can organizations have access to the cookies. However, some cookies do not require permission for usage like input cookies, multimedia content player cookies, authentication cookies, centric security cookies, etc.

PECR Compliance

To comply with the PECR regulations, the organizations must make some changes to their website as mentioned below:-

Cleaning up your website cookies

The organizations must clean unnecessary cookies from their website, which includes only that data that is required to run the website.

Dealing with third party suppliers

The organization needs to change the third-party suppliers if they are not ready to make necessary changes to the website.

The customer needs to know what cookies the organization use, and why are they necessary. Hence, the organization needs to give details about all the cookies they will collect, and the customer must permit them to use the cookies.

Developing an alternative tracking option

For customers who do not permit cookies, you will have to find alternate legal tracking options to get the required marketing information.


PECR is a safeguard against privacy intrusions by businesses and also lays down guidelines and regulations for companies to follow in UK and EU. One of the best ways to abide by this law while carrying out marketing is to build your email lists with prior permission. At Mailmodo we ensure that all emails are sent under laws and stipulations and also spread awareness for the same. Feel free to reach out to the Mailmodo team to understand how you can send a clean and safe email campaign that also brings results.

Bring life to your emails

Convert your emails into experiences
with interactive AMP elements