0151 353 3500   |   hello@barbour-abi.com

GDPR Our Policy and Experts

Discover how Barbour ABI meet GDPR standards when it comes to the use of data

The General Data Protection Regulation (GDPR) came into force on 25th May 2018 and covers the processing and controlling of the collection, storage and use of personal data. GDPR is a hot topic and we want to be clear about how our data and processes meet the new standard.
GDPR compliance is very important to us, and we have invested a lot of time and resource to get this right – over 4,500 hours so far – and have been working in consultation with Baker McKenzie throughout the process. Every individual within the business has a responsibility for our continued success and therefore everyone is fully immersed in our extensive GDPR compliance and training programme.

We have an in-house team of four GDPR specialists with over 18 years combined experience at Barbour ABI:


Neil Edwards

Research Team Manager

Chrissy Jamieson

Head of Sales

Heather Cameron


Tom Hardy

Please do contact one of the team if you have any questions about GDPR – as well as ensuring that our people, processes and systems are compliant, they are also here to help you.

Our data collection and processing methods:

  • Barbour ABI use three lawful bases for processing personal data: legitimate interest, consent and contract. We have produced an unbiased legitimate interest assessment for each element of personally identifiable information that we process.
  • Our lawful bases are stated in our privacy notice and are made evident to everyone who gives their consent for Barbour ABI to process their data. In practice, this means we continue to gain consent from industry professionals to pass on their email address as part of our project reports for our clients. We already record this in our database and will continue to do so.
  • We are also members of the Direct Marketing Association (DMA) who provide best-practice marketing guidance underpinned by a code that puts the customer at the heart of everything they do.
  • Our fully audited GDPR compliance documentation is available to view on request.

What this means to our clients:

You can continue to use our data to support your sales and marketing activities, as long as you adhere to GDPR regarding the collection, storage and use of personal data within your own business. We recommend that you take independent advice to ensure you comply. Using personal data for the purposes of electronic marketing communications continues to be covered by the Privacy and Electronic Communications Regulations 2003.

Barbour ABI general FAQs

We have collated a list of questions that we have been asked by our clients so far. If you have a question you would like us to answer that does not appear below, please do let us know at dataprotection@barbour-abi.com.

We have audited every process within the business to ensure we are compliant with GDPR. As such, we have revised processes and procedures where necessary so that as a business, everyone understands their role in ensuring compliance with GDPR. It should be noted that GDPR relates solely to personal data, meaning a lot of existing processes remain unchanged.

The data we supplied prior to the 25th May 2018 adhered to the existing Data Protection Act (DPA) and the data we have supplied after the 25th May 2018 adheres to GDPR. GDPR does not mean you cannot process personal data, and the vast majority of data we collect will remain unchanged.

The Information Commissioner’s Office (ICO) does state that contact names are personal data, however you are still able to process personal data as long as you have a lawful basis for doing so. Our lawful bases allow us to continue to hold and process contact names.

If an individual has requested to be removed from our database then that individual will no longer appear on Barbour ABI. We advise all of our clients to extract and use the data within 24 hours. If you have extracted our data into your CRM, it will be your responsibility to update the records you hold

No. It is your responsibility to comply with GDPR for the collection, storage and use of personal data as a data controller within your business. The processes involved with our own collection, storage and use of personal data comply, and you have to ensure the same.

The data we supply to you remains the same. However, it is your responsibility to comply with GDPR for collection, storage and use of personal data within your business. Remember that under GDPR you are now the data controller and you now have to give data subjects’ enhanced rights around their personal data. You must also comply with existing regulations such as PECR and it remains your responsibility to adhere to our contracted terms and conditions.

Once you have processed data and imported it into your CRM or equivalent, under GDPR this means you are now the data controller. It is therefore your responsibility to comply with GDPR with regards to the data that you already hold. Consent gained prior to 25th May 2018 has been obtained under existing DPA regulations and is something you must be aware of. We will be refreshing our consent with individuals as an ongoing process, something we already do as “best practice” to comply with DPA, and something we will continue to do to comply with GDPR.

Get a Free Trial

Just fill in your details below and a member of our team will give you a call.

Claim your 10 free project leads today

Book a Demo

Helping Contractors

Win More Business

Get in touch with us and see how we can help you win more work.




Barbour ABI White Logo

Place of registration: Barbour ABI Limited Company number: 13427982, Registered office: 5th Floor, 133 Houndsditch, London, EC3A 7BX