If you process personal data for marketing, you will need to comply with both.
When sending direct marketing by electronic means, you must comply with the Privacy and Electronic Communications Regulations. If you are processing personal data (that is, if you know the name of the person who will receive your message), you must also comply with the Data Protection Act. In fact, Regulation 4 reminds marketers that you must remember your obligations under the Data Protection Act (if applicable) as well as your obligations under these Regulations. For more information about your obligations under the Act, please refer to our guide to data protection.
The important point to note is that you do not need to know individuals’ names in order to carry out a direct marketing exercise. For example, you may only have a list of telephone numbers to call with marketing messages. If you only hold telephone numbers and don’t know the name of the person who can be reached on that telephone number, the Data Protection Act does not apply. However, you must comply with these Regulations when you make those marketing calls. Once you know the name of the person who can be reached on that telephone number, you must also comply with your obligations under the Data Protection Act.