Tag Archives: gdpr

Our highlights from the European Data Protection Summit

We were among the 300+ delegates in attendance at the European Data Protection Summit last month to take in some great sessions on GDPR, privacy and more.

The two-day event covered GDPR 16 months on from its introduction, privacy in the era of AI and other emerging technologies and tracking cookies and the need for organisations to ensure that they are following lawful process.

Among the key takeaways from the latter session were:

  • Analytics cookies are not ‘strictly necessary’ and so can’t be used without consent;
  • A high level of (GDPR-compliant) consent must be obtained;
  • No cookies should be dropped until that consent has been given and all third parties should be named.

This will have a significant impact on how many organisations operate.

Another key takeaway from the Summit was that many companies have been waiting for the new ePrivacy Regulation before making any changes – but it may never become law in the UK if its date of application falls after the end of any transition period when the UK leaves the EU.

However, the UK will no doubt have to adopt similar rules even if the ePrivacy Regulation does not apply, so it’s important to be prepared and plan for these changes.

For more insights from the event, contact the TLA compliance team.

Five minutes with… TLA Head of Quality and Compliance Kathy Fleming

Following on from our Celebrating Women in Tech and Marketing round-table, we sat down with head of quality and compliance Kathy Fleming for a quick-fire Q&A session.

What’s your role and the role of your department at TLA?

Head of Quality & Compliance (including responsibility as the Data Protection Officer). The department is responsible for call monitoring and coaching. I have overall responsibility for FCA Compliance and one of the leads for the ISO27001 certification.

What do you believe has been the most important change to this industry over the last 5 years and why?

The new data protection law has undoubtedly had an impact on how consumer data is handled. Working with high profile clients puts us in a position of trust and it’s our responsibility to demonstrate our commitment to GDPR compliance. We must be able to demonstrate transparency and integrity in what we do, putting customers information rights at the heart of the service we are providing.

What changes do you think we’ll see in the next 5 years and what long-term impact will they have?

Better use of intelligent data (tracking data) which will help inform us and provide insights into consumer behaviour. Whilst this data will be valuable, there are certainly some compliance considerations that must be at the forefront of this activity.

What excites you most about the industry?

The development of systems to enhance what we already do – in particular the way in which TLA can evolve to become more diverse.

What aspect of your work or profession are you particularly passionate about?

Making sure that we operate with integrity in all of our interactions with customers – a DPO should act as the conscience of the organisation.

Where do you go for inspiration or to learn?

I attend a quarterly data protection networking meetings which is a great forum for sharing good practice with people in similar roles across different sectors.

Which entrepreneurs do you admire and why?

Our CEO Anton Hanley – because of his passion and tenacity.

What advice can you offer the next generation of women considering their future career?

Believe in yourself, have confidence in your ability and use every opportunity to improve and gain experience.

If you’ve got a question for the TLA team or want to know more about what makes us tick, why not get in touch?

2018 in Review: A year to remember for TLA

In 2018, we earned independent recognition, secured new clients, developed cutting-edge technology and raised a significant sum of money for charity. It was a special year for everyone connected with TLA.

2019 is well underway and our focus is firmly on the future, but it would be remiss of us not to recap on some of our biggest achievements of the last 12 months and say a massive thank you to everyone who has helped make them happen.


One of the most pleasing aspects of 2018 was the recognition we received from some of the UK’s biggest and most respected organisations. In the early part of the year, we were named in the Financial Times’ league table of the 1,000 fastest-growing companies in Europe. We featured featuring as the 56th highest-placed UK business in the FT 1000 and 363rd overall.

Soon after, we were invited to the Northern Tech Awards by Tech Nation to discover where we had placed in its Northern Tech 100 table. Our growth rate over the last three years saw us named as the 5th fastest-growing technology business in the North of the UK and the top-ranking company with Liverpool headquarters.

We followed those up with what are arguably the two of the most prestigious tech industry league tables in the country. We were named as the 50th fastest-growing tech company in the UK as part of The Sunday Times’ Tech Track 100 and 38th in Deloitte’s UK Technology Fast 50.

All four represent great recognition of our continued growth and commitment to driving performance through technology.


Regular visitors to the TLA blog will have seen a lot of GDPR-themed content from us over the last 12 months – and with good reason.

As a company that generates, processes and distributes large volumes of consumer data, we have a huge responsibility to make sure we take an ethical and accountable approach. It’s a responsibility we have always taken seriously, but there was no doubting the ground-breaking nature of GDPR, which came into effect in May.

Our proactive approach begun almost two years ago, ensuring company-wide and top-down buy-in and taking decisive action to go beyond the regulation’s requirements. This included updates to processes, policies and technology that have all helped to make us a stronger business and partner to our clients.

The result was a GDPR programme that allowed clients to confidently continue with their lead generation campaigns, generating incremental sales at a critical time. Furthermore, our programme received great publicity, not least of all for the independent endorsement we received from ASE Global.

ASE’s report concluded: “What’s particularly impressive is that the work undertaken by The Lead Agency goes far beyond what the new legislation requires.”

Cutting-edge technology

One of the most exciting things for an employee at TLA is the commitment to continuous improvement. Our value ‘go beyond limits and expectations’ is something you see daily throughout the business as we push to be the best we can be as individuals and collectively.

We never top looking for ways to take our technology to the next level to provide a better service to clients and consumers. And in 2018, that resulted in us launching our new Landing Page Builder, Publisher Portal, Client Portal, Policy Management Portal and Quality Control Portal – all of which have led to improvements across internal processes and client results.

The biggest tech evolution however was our customer acquisition platform, which we’ve been working on over the second half of the year.

Built on the principles of transparency, effectiveness, simplicity and compliance, this new platform will transform how businesses generate incremental sales when it launches in 2019. Watch this space!


We’re passionate about creating opportunity. But it doesn’t end with our clients or staff. We commit to giving back to a worthy cause every year.

In 2018, we set an ambitious target of raising £10,000 for the NSPCC – a fantastic charity that deserves a lot of support. To achieve our goal, TLA and friends took part in a series of mammoth endurance challenges, including the London Marathon, Man v Lakes and a London to Paris Cycle.

We are immensely proud to have raised a whopping £10,450.40 and cannot thank the people who have donated enough. It genuinely means a lot to everyone here.

And finally…

We would like to extend that thank you to everyone who has played a part in what we were able to achieve in 2018 – including our clients, partners, suppliers and teammates. None of it would be possible without your continued trust, support and commitment – and for that we are immensely grateful.

We hope all of you enjoyed a great 2018 year and have made a successful start to the new year. We’re excited to see what it will bring.

GDPR in lead generation – how TLA’s proactive approach earned industry and award recognition

A recent study found that only 20% of companies believe they are GDPR compliant, whilst 53% are in the implementation phase. When it comes to working with a lead generation partner, it’s vital that you have confidence and trust in the service you’re receiving.

At TLA, our implementation phase is complete (although we remain committed to making further enhancements on an ongoing basis). We are confident that our services are not only compliant with the new regulation but go far beyond its requirements. And, crucially, we’ve been able to give peace of mind to our clients.

Jess Douce, Jaguar Land Rover: “The Lead Agency is a trusted partner. They’re not only great to work with but they believe in doing things the right way. They provide the highest-quality GDPR compliant client portal that I have used, which helps us to send more leads to our retailers.”

Danielle Hollis, Hyundai: “The Lead Agency team are a long serving partner of Hyundai. They provide good quality GDPR compliant enquiries at scale, which means we sell more cars which helps us to achieve our targets.”

Alban Treglohan, PHD: “TLA delivers transparency, professionalism and obsessive high standards. It’s this excellent service and quality that has furthered our partnership as well as our relationship with our clients.” 

A proactive approach to GDPR

We had a great foundation to start from. We’ve always taken our responsibility to consumers seriously and adhered fully with the principles of the Data Protection Act 1998. This made our transition to GDPR compliance far smoother than many other businesses in our industry and beyond.

But that’s not to say GDPR didn’t represent a challenge. The new regulation is a landmark moment for all companies, let alone a data company such as ours, so it required a full and comprehensive programme to ensure we were prepared.

Our strategy was to focus on gaining an in-depth understanding of GDPR, be proactive in our approach, take decisive action wherever we could and do everything possible to give consumers and clients peace of mind.

Early activity

Two of the most important steps we took during the planning stage were the appointment of our first dedicated compliance manager; and forming a steering group that involved people from all across the business – including our CEO and CTO.

This buy-in from the very top of the business was particularly important for making GDPR a priority.And having someone dedicated to leading the programme would ensure we never lost focus of what we wanted to do.

We also mapped our current processes and services against the requirements of GDPR to identify areas that needed to be addressed and how we could take TLA to the next level.From there we created an 18-month, action-orientated GDPR programme that detailed enhancements to our policies, technologies and services.

Compliance Portal

The most significant enhancement was building a Compliance Portal – a place where clients could have access to a full and documented audit trail of every step a consumer takes from their initial enquiry through to the lead being delivered directly into their CRM.

This approach not only addressed the need for accountability – one of the new principles of GDPR – but it went far beyond those requirements by offering complete transparency for clients.

Working with clients

Another fundamental step was engaging clients throughout the process – from the planning stage through to progress made with key actions. We consulted a number of clients on the development of the Compliance Portal to make sure it met their core needs as well as adding value to the service we provide.

We also used our website, social channels and email to create content for our clients and partners that broke down some of the key features of GDPR and what actions they could or should be making in preparation.

Independent assessment

With the exception of the regulator, the Information Commissioners Office (ICO), there are no official auditors for GDPR compliance. But we wanted to put our programme to the test and make sure it delivered what we wanted it to.

We invited ASE Global, a company that has provided a range of services to the automotive industry for more than 40 years, to conduct an independent GDPR Readiness Assessment.

The result was a glowing endorsement for TLA’s GDPR Programme. Here are some of the key excerpts from ASE’s report:

“There is a clear ‘top-down’ commitment to compliance which drives all associated activities. Internal focus has been on compliance. However, this has been conducted with an eye on the customer, to keep them informed and up to date in as transparent a manner as possible.”

“What’s particularly impressive is that the work undertaken by The Lead Agency goes far beyond what the new legislation requires.”

“Internally, The Lead Agency’s policies are sound, staff are appropriately trained and there is commitment to ensure compliance does not suffer over time. Externally, customers can provide their personal data to the business confident that the processing it is subject to will be compliant.”

Award nomination

This brings us to our recent news. Our GDPR programme has earned us a nomination for Data Pioneer of the Year at the inaugural UK Business Tech Awards.

This is a proud piece of recognition for the commitment we’ve shown and enhancements we’ve made to go beyond GDPR’s requirements and provide consumers and clients with peace of mind.

To maximise your sales performance with a GDPR-compliant service, contact us today.

TLA’s GDPR programme shortlisted for Data Pioneer of the Year

TLA has been named on a five-company shortlist for Data Pioneer of the Year at the inaugural UK Business Tech Awards.

UK BIZ TECH 2018The nomination is for our comprehensive GDPR programme and the steps taken to strengthen our processes ahead of the new regulations coming into effect in May.

Taking place in London on 20th November, the awards will celebrate the UK’s finest tech businesses and reward innovative and exceptional application of technology to transform and grow businesses.

While we’ve long advocated and practised a responsible approach to consumer data, our programme – led by our in-house compliance manager – focused on updates to policies, technology and services that would ensure compliance with the new regulation and offer peace of mind to clients and customers.

Earlier this year, we received an independent endorsement for our GDPR programme when automotive specialist ASE Global completed a GDPR Readiness Assessment.

In the resulting report, ASE Global’s Data Protection and Compliance Officer, Kevin Symm, said: “The right attitude is evident from the top-down at The Lead Agency. It’s clear that there is a real and determined commitment to GDPR and how it can be used to make the business better.”

The Age of Transparency: How consumer attitudes have changed, and why brands must do the same

From GDPR to social media, the world of information has changed. And so too have consumer attitudes, with increased awareness and interest in data protection, ethical behaviour and transparency.

GDPR, the most recent and highly-publicised change, has perforated the public consciousness as well as the business community. Consumers are now more aware and therefore more cautious over how their data is being used than ever before.

The new regulation was put in place to ensure a higher standard of consumer consent. Yet, despite the heavily publicised lead up, it was reported that 60% of EU businesses were still unprepared for GDPR when it came into effect on 25th May.

However, the shift in consumer attitudes goes far beyond GDPR compliance. Consumers now want and even expect businesses to be transparent about their intentions across the full spectrum of business activities.

Transparency, consent, authenticity and trust are central to affirming all-important long-lasting brand relationships but they remain a challenge for many organisations. A study carried out by measurement and analytics firm Integral Ad Science (IAS) revealed that 56% of senior marketing professionals cite transparency as a key concern in their advertising.

Transparency in marketing

There are many customer touchpoints throughout a consumer’s buying journey. Understanding and improving the points can enhance user and customer journey mapping. Yet, each one brings about greater risks for businesses if their intentions are unclear.

As our head of performance marketing Paul Court argues, “understanding all customer touchpoints and ensuring that compliant and transparent activity is consistently demonstrated will lead to stronger results”.

Social media is a great example with sites such as Instagram and Twitter allowing for direct contact to be made between a consumer and a company. Consumers can even go so far as connecting with company directors (if they so wish), thus demonstrating an even higher level of openness, transparency and cultural awareness.

Transparency in culture

But transparency is not a tactic to help companies attract consumers. Authenticity is key and that must ultimately come from within – a company’s core values and culture.

According to the American Psychological Association’s (APA) 2016 Work and Well-Being Survey, only 51% of respondents feel their values match their employer. Failure to be clear and ethical in business proceedings has a negative effect on staff, leading to decision-making that can damage the external brand image.

A company’s core values should be in harmony with not only their staff but with their consumers’ attitudes, cementing a clear and mutual understanding of honest and ethical proceedings.

Transparency in data

Considering all of this, GDPR should not be viewed as a blocker, but as an opportunity to affirm the relationship between your brand and your consumers. Transparent companies will be able to disclose the fair and ethical reasons behind their regulatory processes, building trust in the process.

Research carried out by Forbes showed that when a company uses data in a relevant way and can be trusted, the customer is more willing to share their data. Offering reassurance and providing customers with the real reasons behind information requests online will therefore nurture the brand-customer relationship.

The assistance of third-party companies in that endeavour, whether that be in lead generation or other parts of the business, must be founded upon responsible and ethical practices. Partners must be committed to putting transparency at the forefront of their business proceedings to ensure that the delicate trust between brand and consumer can be strengthened even further.

To learn more about our transparent approach, read what ASE Global had to say about our GDPR compliant leads.

Rebuilding your prospect database quickly, with compliant data, in the new GDPR world

For many organisations, the biggest impact of GDPR could well be as a result of their own preparation.

Many organisations have taken the difficult decision to remove large volumes of data from their databases due to concerns over how it was originally captured. This is putting pressure on budget-holders to find ways to rebuild in a compliant manner.

For years, lead generation has provided a fast, efficient route to new prospects and customers – but can you trust third-party data to be compliant?

Understandably, we believe you can.

We take our responsibility with consumer data seriously, which gave us a great starting point on which to prepare for the incoming regulation. But it didn’t stop us  addressing this with the importance it deserves and putting every aspect of our approach under the microscope.

We implemented changes where necessary, including updated policies, procedures and documentation. We also implemented new technology such as our Client Portal, which provides a complete audit trail of every consumer’s journey from beginning to end.

Confident in our approach but still keen to identify areas for improvement, we recently invited specialist ASE Global, consultants to the majority of the world’s automotive manufacturers, to assess our preparation.

Data protection and compliance officer for ASE, Kevin Symm, said: “The levels The Lead Agency has gone to and the things it has implemented – such as the client portal, policies, procedures and documentation – go as far as anything we’ve seen for how companies can minimise the potential for something to go wrong and then maximise how quickly any potential issues can be discovered and acted upon. It really is impressive.”

Despite the excellent report, we continue to look for ways to improve and remain committed to obtaining and processing consumer data in a way that is right by the consumer.

How we can connect you with new prospects

Our approach to customer acquisition can provide you with access to a unique and extensive market place consisting of trusted publisher networks and TLA’s own digital assets including bot technology. These help you to reach and connect with more of the right consumers – in-market, compliant and with a genuine interest in our clients’ products and services.

Through our bespoke Client Portal, you can see every step of that consumer’s journey – fully documented for your peace of mind. Every lead is then qualified thoroughly using both tech and our in-house contact centre team that are extensively trained and work to your exact requirements.

For the consumer, we simplify their buying journey and route to the products and services they’re in the market for. This means that we can repopulate your databases quickly and efficiently with prospective customers who are at various stages of the funnel.

In automotive, a vertical in which we have operated in for more than 16 years, we supply lead types such as ‘keep me informed’ interest on new car launches, test drive and brochure requests and quotes – all of which are compliant with GDPR and qualified to ensure they are in-market.

If you would like to discuss how we can help you rebuild your prospect lists in a compliant manner, contact us today.

GDPR in lead generation: meet compliance manager Kathy Fleming

In 2017, we appointed compliance manager Kathy Fleming to lead a comprehensive GDPR programme and ensure compliance with other key regulations. Here we discuss her role, the impact of GDPR in lead generation and her time at TLA.

What can you tell us about your role at TLA?

My role is to oversee all legislation compliance for the business. Naturally, my immediate focus has been on GDPR – making sure we had robust and responsible programme in place that involved the entire business. But I also look after our regulatory activity to ensure we meet the Financial Conduct Authority requirements; plus PECR and Ofcom regulations.

You’ve worked in both the public and private sector, working for companies such as Betfred, Your Housing Group and Barclaycard. How would you say data protection has changed over time and between these industries/sectors?

In the public sector, data protection has traditionally been far more stringent due to the fact that any money they spend comes from the public purse. Legislation has always been taken more seriously with greater levels of accountability. In the private sector, there was always the need to balance the commercial interests of the business against their regulatory commitment. However, GDPR has put far greater emphasis on private sector organisations in accepting that they have to be accountable for their actions.

There has rightly been a lot of focus on GDPR over the last few months. How would you summarise the changes?

In the past, each EU member state had their own legislation regarding data protection; GDPR has introduced consistency across all EU member states. One of the fundamental aspects is about strengthening the rights of individuals because the way in which we use data today is completely different to how we used data twenty years ago. The old legislation was no longer fit for purpose and needed to change.

What impact will Brexit have on the UK’s commitment to GDPR?

None whatsoever. The Information Commissioners Office (the regulator for data protection in this country) has stated that despite the UK’s decision to leave the EU, the implementation of GDPR will not be postponed or affected. GDPR is an important, comprehensive and thorough piece of legislation applicable across all EU Member states.

What are the significant ways in which GDPR will impact lead generation and marketing?

Any organisation that processes personal data must establish a lawful basis for processing this information. Here at The Lead Agency, we mainly rely upon consent. Under the old legislation, companies were able to rely upon a pre-ticked box which would assume that customers had consented; however, under GDPR this form of consent is not valid. Consent is only valid if it is a proactive indication of a customer’s wishes (i.e. a clear and proactive tick of a box to indicate positive consent or the click of a submit button to confirm that the individual is happy for their personal data to be processed). This is bad news for lead generators that have traditionally focused on low quality and high volumes. But good news for those that focus on high quality, qualified leads.

Is it possible to be a responsible lead generation company?

Absolutely. Lead generation companies tend to have had bad press, but our CEO Anton Hanley wants us to stand out from the rest. We are a quality lead generation company. We create a relationship with consumers that have shown a genuine interest in our clients’ products or services and engage them to ensure they are in-market before giving them the opportunity to connect with our clients. This responsible attitude is one of the main reasons why our transition to GDPR compliance has been smooth and why I believe GDPR is a good thing for the business. We can fully demonstrate our accountability, which can only help us to build trust with our clients.

TLA’s approach to GDPR has received strong praise from automotive specialist ASE Global. What do you believe has been the key to our successful preparation?

Firstly, can I say how delighted we were with ASE’s report and comments. To hear that of the hundreds of companies ASE had assessed or worked with, TLA had by far the most good practice in place was very rewarding after the hard work and commitment of the team. And that was the key – having a commitment from our CEO from the very beginning and a team willing to learn about the new legislation, understand it and then bring ideas for how we could improve our processes. We have used GDPR to become a better organisation.

Which brings us nicely to our final question. How have you found working for TLA so far?

Genuinely great. It is a fast-paced and exciting business with supportive colleagues. Everyone is willing to give up some of their time to help each other. Not to hand-hold but to always be there for support and guidance. Anton’s enthusiasm and drive to make the business as successful as possible radiates throughout the organisation and encourages everyone to be the best we can be.

Visit our News & Views hub to read more about our preparation for GDPR.

Manufacturers reveal confidence in TLA’s GDPR-compliant leads

With GDPR now in place, can car manufacturers continue to trust the third-party data they receive from lead generation companies?

In short, the answer is a ‘yes’ from The Lead Agency. This trust building hasn’t happened overnight. We’ve served the UK automotive industry since 2002 and currently work with the majority of the country’s manufacturers on their lead generation campaigns.

We took a proactive approach to GDPR, starting our preparation early and working closely with our clients over the last year. We have left no stone unturned to ensure our customer acquisition service provides both quality leads and peace of mind to our clients.

“The Lead Agency team are a trusted partner to our business,” said Jess Douce, marketing manager for Jaguar Land Rover’s UK new car sales team, looking after retail, fleet and business, AUV and aftersales. “They’re not only great to work with but they believe in doing things the right way.”

“They provide the highest-quality GDPR-compliant client portal that I have used, which help us to send more leads to our retailers,” she added.

“Remarkable” approach to GDPR

Last week we received a glowing endorsement from ASE Global for our “remarkable” preparation for GDPR, with the automotive specialist commenting that “the work undertaken by The Lead Agency goes far beyond what the new legislation requires.”

We’re proud of that feedback and it’s even more pleasing to hear our clients echo the sentiment.

“The Lead Agency team are a long serving partner of Hyundai,” said the manufacturer’s senior manager for CRM and insight Danielle Hollis. “They provide good quality GDPR compliant enquiries at scale, which means we sell more cars which helps us achieve our targets.”

In the coming weeks, we’ll reveal our thoughts on the future of lead generation in a post-GDPR world and our advice for making it a viable part of your marketing strategy.

In the meantime, you can read more about our GDPR preparation and advice for other organisations in our recent article in Car Dealer Magazine.

ASE Global endorses The Lead Agency for its approach to GDPR in automotive lead generation

ASE Global, the automotive accountancy and business services company, has provided a strong and positive endorsement to The Lead Agency for its commitment to GDPR compliance.

The auditors described our approach as “remarkable” following a GDPR Readiness Assessment that reviewed our core compliance documents and relevant activity – including our data mapping, privacy statement and technology.

Kevin Symm, data protection and compliance officer for ASE, said: “We have been working with hundreds of businesses in the automotive space, ranging from household names with 10,000s of staff down to small companies.

“We’ve seen the full range of practices – good and bad – that those businesses have in place but in no one business have we seen as many good practices as at The Lead Agency,” he added.

ASE has been providing audit and accountancy services in the automotive industry for more than 40 years, working in more than 50 countries, with brands such as Audi, BMW, Volkswagen and Ford. Its GDPR team, which was established following the announcement of the new regulation, has provided GDPR assistance to in excess of 700 retailers and a number of national and international manufacturers in the last 12 months.


In its official assessment of The Lead Agency’s approach, ASE said: “There is a clear ‘top-down’ commitment to compliance which drives all associated activities. Internal focus has been on compliance. However, this has been conducted with an eye on the customer, to keep them informed and up to date in as transparent a manner as possible.”

We have gone to great lengths to prepare fully for the new legislation; from what ASE described as “comprehensively undertaken” data mapping to an “excellent” privacy statement. In addition, we have built our proprietary Client Portal, which provides a complete audit trail of every consumer’s journey from beginning to end.

Commenting on our preparation, Kevin said: “The levels The Lead Agency has gone to and the things it has implemented – such as the client portal, policies, procedures and documentation – go as far as anything we’ve seen for how companies can minimise the potential for something to go wrong and then maximise how quickly any potential issues can be discovered and acted upon. It really is impressive.”


“What’s particularly impressive,” said Kevin, “is that the work undertaken by The Lead Agency goes far beyond what the new legislation requires. The company is in a very good place.”

“The right attitude is evident from the top-down at The Lead Agency. It’s clear that there is a real and determined commitment to GDPR and how it can be used to make the business better.”

The report concludes: “Internally, The Lead Agency’s policies are sound, staff are appropriately trained and there is commitment to ensure compliance does not suffer over time. Externally, customers can provide their personal data to the business confident that the processing it is subject to will be compliant.”

For more information on The Lead Agency’s automotive lead generation services, contact the team today.