According to the ISO

“The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act and the UK GDPR. They give people specific privacy rights in relation to electronic communications.

There are specific rules on:

• marketing calls, emails, texts and faxes;

• cookies (and similar technologies);

• keeping communications services secure; and

• customer privacy as regards traffic and location data, itemised billing, line identification, and directory listings.

We aim to help organisations comply with PECR and promote good practice by offering advice and guidance. We will take enforcement action against organisations that persistently ignore their obligations, starting with those that generate the most complaints.”