Home » Courses » PECR & ePrivacy for Marketers

PECR for Marketers Online Course


Learn how to comply with PECR (Privacy and Electronic Communications Regulations) and the incoming ePrivacy regulation.

This PECR training is recommended for those working in marketing, advertising, sales or website maintenance.  

The content is relevant to any company marketing to UK-based customers, or making a website/app available to UK-based visitors.

  • 100% online
  • 1.5-2.5 hours
  • PECR (🇬🇧) + ePrivacy (🇪🇺)
  • Included in Plus
  • Certificate


“Clear and well explained”

M Lewis

Director, Clarity in Marketing

Why learn about PECR and ePrivacy?

  • Reduce your risk of financial penalties and prosecution for non-compliance
  • Delight your customers with better respect for their privacy and preferences
  • Grow your skill set and career options
  • Feel confident sending campaigns live and enriching your data strategy
  • Save yourself the pain of having to throw away a list of marketing contacts, just because somebody in the team didn’t fully understand the rules
  • Future-proof your marketing work against upcoming legislation changes

Warning! 🚩

Data privacy training red flags – what you need to avoid when picking a course.

1. The course that’s never updated.

The technology and processes that PECR covers have changed a lot since 2003. But many training courses haven’t. Following old guidance can be a big risk, make sure you get training materials which are kept up-to-date.

2. The really boring course.

PECR training might never oscar-worthy. But it is still possible to make it interactive and engaging. Steer clear of boring courses which make staff switch off – wasting time and leaving risky knowledge gaps.

3. The course that’s too basic.

There’s a lot to cover in PECR and it’s important to understand not just the rules but how it actually works in practice. Steer clear of any “super short” course because it’s probably too basic – meaning it will leave knowledge gaps. And knowledge gaps can mean… poor compliance, which can lead to fines. Why not spend just a little bit more time and do it right from the start?

4. The course that doesn’t put anything into practice.

Knowing the PECR rules off by heart is one thing but being able to actually apply it to your day to day work is another. Avoid training that doesn’t show you how you can apply what you’ve learnt through practical real-world examples.

PECR course slide featuring information about ePrivacy regulation
PECR course slide asking what action to take next
PECR course slide covering viral marketing campaigns
PECR course slide covering cookie rules and cookie categorisation
PECR course slide covering PECR enforcement warning
PECR course slide covering b2b marketing rules for email

Course features


Nobody wants to be lectured to. Learners get the knowledge they need through concise and engaging videos. Then, they apply what they’ve learnt through situational questions.

Ticks every box

Aligns with the ICO’s accountability guidelines for data privacy training.

Kept up to date

How PECR is applied can change overnight. Our team regularly reviews the latest developments in data privacy law. We build this knowledge into regular course updates and email alerts so you can keep ahead.


This course won’t leave any knowledge gaps. It gives staff exactly what they need to know and makes sure they can understand how it is applied in practice.

Learning with us

Client Logo - EV
Client Logo
Client Logo
Client Logo

Regulations covered

Privacy and Electronic Communications Regulations 2019
Applies in: UK 🇬🇧

Current UK regulation that provides rules on direct marketing and the use of tracking technologies like cookies. This course will focus on the most recent version of PECR.

Privacy and Electronic Communications Directive 2002/58/EC
Applies in: EEA 🇪🇺

EU directive that provides rules on direct marketing and the use of tracking technologies like cookies. This course will cover what we can expect from the incoming update to ePrivacy based on current drafts.

Course information

What you’ll learn

  • Where PECR applies and how it fits into the wider data law landscape in the UK and EEA.
  • The rules PECR applies to direct marketing – b2b and b2c.
    • Phone, email & SMS.
  • How PECR affects the use of cookies and other tracking technologies.
  • How to prepare PECR compliant marketing lists and CRM records.
  • How courts and regulators like the ICO enforce and handle breaches of PECR.
  • How to apply PECR in your day-to-day marketing or sales tasks.

This course is recommended for

All staff working in marketing, advertising, sales or website maintenance.  


There are no prerequisites for this PECR training. A basic understanding of GDPR will help but is not required as detailed explanations of key concepts will be provided.

What do I need for this course?

This course is 100% online and delivered through our online learning platform. You will need a computer and a stable internet connection to access the video lessons and interactive assessments. Organisations can also access this content via their own LMS on request (different pricing and licensing terms will apply).

Course content

Section 1: What is PECR?

What you’ll learn

This online course kicks off with the basics to help you build up a background on PECR and how it relates to GDPR.

Then we’ll dive into where PECR came from, some of the key concepts you need to know to make sense of the rules and how PECR applies across the UK & EEA.


  • Introduction
    • What is PECR?
    • Pop quiz 1
  • Key concepts & definitions
  • Legal jurisdiction
  • Penalties & enforcement
    • Pop quiz 2
  • PECR for EEA citizens
  • End of Section 1 quiz

How good is your current knowledge?

Section 2: PECR In-depth

What you’ll learn

In this section we’ll go through the PECR rules on direct marketing, marketing lists, and cookies in-depth. 

By the end of this section you’ll be equipped with the essential PECR knowledge required to fulfil your role.


  • Introduction to PECR and marketing
  • Direct marketing
    • Introduction to direct marketing
    • Calls for marketing
    • Pop quiz 3
    • Texts and emails for marketing
    • Mail for marketing
    • Fax for marketing
    • Bought or “third party” marketing lists
    • Pop quiz 4
  • Cookies & similar tracking technology
  • Case study
    • AMEX: PECR email campaign breach
  • End of Section 2 quiz

How good is your current knowledge?

Section 3: PECR in-practice for marketers

What you’ll learn

In this section you’ll learn how to apply the PECR rules in your day-to-day work through our practical lessons packed with examples.

For example you’ll learn how to apply PECR when sending direct marketing campaigns by email, text and phone, and how to setup cookies and other tracking technologies, like Facebook Pixel in a PECR compliant manner on your website.


  • Introduction to PECR for marketers B2B & B2C 
  • In practice: Direct marketing
    • Consent
    • Email
    • SMS
    • Telephone
    • Direct mail & fax
    • Direct marketing summary
  • Soft opt-in
  • Opt-out
  • In practice: cookies & tracking technologies
    • Introduction to cookies
    • Running a PECR audit on your use of cookies
    • Cookie audit template
  • Applying PECR to website or apps
    • Cookie consent mechanism
    • Cookie policy
  • Applying PECR to future technologies (Optional)
  • In-practice: Marketing lists (Optional)
  • In-practice: CRM
    • Applying PECR to your CRM
    • Communicating to customers about PECR
  • End of Section 3 quiz

How good is your current knowledge?

Section 4: ePrivacy (optional)

What you’ll learn

In this section you’ll learn what we know so far about the incoming ePrivacy regulation. You’ll get a feel for what changes may be required to your marketing practices if you are marketing to customers within the EEA. You’ll also learn where to look to keep yourself up to date.


  • ePrivacy: What’s coming next and what action to take

Why I started Measured Collective

Founder – Scott Dooley

I know what it feels like to worry about getting data privacy law wrong. About getting a huge fine or being the subject of an investigation. A few years ago when GDPR was coming into force I was working in tech, managing a marketing team in London. 

I’d heard that GDPR was coming into force and that it would change how we processed data. 

For a marketer this was worrying, we had huge databases full of customers and we’d just started to analyse all the data we were collecting across our website to understand how people were interacting with our products. We even had projects in the pipeline that would help us split customers into groups based on their previous interactions with our products, and then allow us to send them targeted communications by email.

Rumours were going around that most of the data we’d collected would need to go. I didn’t want to lose this valuable data. And I didn’t want to be the reason why the company I worked for got a GDPR fine or became the subject of an investigation.

I realised we’d need to get compliant. And found out shortly afterwards that the budget for outside help was almost non-existent.

So I set out to learn a lot about GDPR myself. Along the way I found a lot of confusing information.

There were junk articles written by companies trying to sell you their legal services or cookie consent software – which were full of bad advice which seemed to just be a copy and paste job from the last article.

There were myths spread by people with only a vague understanding of the GDPR rules, who had likely never even read the legal text.

And there were (some) lawyers who appeared to be scrambling to catch up, they seemed only capable of repeating the same poor quality advice we were getting from the regulators at the time.

They also didn’t seem to understand how any business actually operated day to day. Getting to what GDPR actually meant in practice and how it would affect our day to day work was a nightmare.

My priorities were to get our entire operations compliant under GDPR and to keep up with my targets. I also needed to get my whole team up to speed with this new legislation so that we could stop putting in place processes that made our compliance worse.

To get the information I needed, I studied closely what the regulators said, I studied the law (yawn), and I spoke to as many experts as I could.

I ended up delivering my own company wide training seminar to help the company get up to speed with GDPR. 

I got a few laughs and to my surprise a round of applause at the end… I realised it was possible to teach something “boring” but still make it engaging.

This experience is what led me to start Measured Collective. My initial plan was to teach everyone about how to use data to design better business processes and to understand their customers better, but we kept running into the same roadblock in our discussions with our first clients. They had the data, but they hadn’t done the compliance work required to use it legally under GDPR.

So I pivoted to focus on data privacy training.

I started by looking at what training was already available on the market and found the same red flags again and again:

  • The slides for each course looked like they had travelled here from 1998.
  • The content was too basic, just repeating the bare bones GDPR knowledge.
  • There were hardly any examples or explanations of how to actually apply GDPR in practice.
  • The same old course was being resold again and again without any updates.

So with the help of some data privacy experts and the input of people who were working across HR, marketing and operations in businesses at the time I set out to make something different.

Data privacy training which was engaging – so trainees stay focussed. Comprehensive – so that trainees don’t have knowledge gaps which can put you at risk of fines. Full of examples – so trainees can understand how to apply what they’ve just learned. Regularly updated – so trainees don’t waste time learning out of date guidance, and companies can keep ahead with their compliance efforts.

It’s been a tough but rewarding experience (with more changes to data privacy law than we were expecting over the last few years). Now, three years in we get regular positive feedback from our clients in our end of course surveys and directly by email.

Hopefully we can get a chance to help you and your team out too – please let me know what you think.

How it works

Step 1

Buy course seats

Purchase online using your credit or debit card. Or contact us directly to pay by bank transfer. Our onboarding team will be in touch to help you invite staff members to take up their seats. They’ll receive an invite to join our learning platform by email.

Step 2

Start learning

Each team member will have access to the learning materials, interactive assessments and quizzes. On completion of the course team members will be issued with a certificate.

Step 3

Keep ahead

You’ll receive periodic updates by email covering changes to PECR, enforcement cases and what they mean for your compliance efforts. We’ll also let you know how we’ve used this information to update the course, trainees can review any updated lesson materials on the learning platform.

What’s included


  • Distraction-free online learning platform
  • Mini quizzes, template downloads & end of course assessment


  • Access to all course material updates and enhancements for the length of your access period
  • Alerts about how changes to PECR may impact your organisation for the length of your access period


  • Certificate on completion 🎉

How much does PECR non-compliance cost?

Non-compliance with communications laws like PECR can be costly. Under PECR, a fine can be issued of up to £500,000 for non-compliance. It is expected that this will soon be raised to £17.5million or 4% of worldwide annual turnover under the UK government’s latest proposals to bring PECR fines in line with the UK GDPR.

Most fines fall down to human error. Often a result of a misunderstanding or simply forgetting how the rules work. Effective training can greatly reduce this risk.

Key outcomes

You’ll learn how to improve your PECR compliance and gain confidence when…

Using cookies and tracking technologies like Google Analytics on your website

Collecting new contacts for your email mailing list

Sending direct marketing communications to b2c contacts

Sending direct marketing communications to b2b contacts

Starting and managing sales campaigns by phone

Managing opt-out/opt-in for your CRM contacts

Applying soft-opt in to grow your list without the need for GDPR level consent

expand lines

Purchasing and using third party marketing lists


Will I get a certificate?

Yes, on completion of the course you will be issued with a digital certificate. It will be issued by our team shortly after completion of Sections 1-3 of the course including the end of course quiz. You can add this to your LinkedIn profile.

Can I buy multiple seats?

Yes, simply state a team name, for example “ABC Marketing Team”, then select the number of seats required. Next indicate whether you will be taking a seat yourself, or simply will be the administration contact for the purchase. Once you have completed payment you will be prompted to invite your team to join the course. They will then receive emails with their own access details.

Is there a money back guarantee?

Yes, you can cancel your order for a full refund within 14 calendar days of purchase. Any certificates issued within this time will be voided. This does not affect your statutory rights.

Do I need qualifications to take this course?

No. Our courses require no previous experience or qualifications. Marketers working in large corporations and marketers working in startups will equally benefit.

How long does the course take to complete?

It takes approximately 1.5-3 hours to study the entire course and explore the supplementary materials. We recommend that you break your studying into small chunks to help maximise your retention.

Ask us about this course

Ask a question and our friendly team will get back to you asap.

    Data processing subject to our privacy policy.

    About PECR

    What is PECR?

    The Privacy and Electronic Communications Regulations (PECR) sit alongside the Data Protection Act and the UK GDPR. They give people specific privacy rights in relation to electronic communications.

    What is the difference between PECR and GDPR?

    The UK GDPR and EU GDPR covers the processing of all personal data, while PECR specifically covers communications data and direct marketing rules.

    Does PECR apply to non-UK companies?

    Yes if you market to or make a website that uses tracking technologies available to people within the UK. This could be as simple as making a website available to UK customers and adding Google Analytics to the website to track user behaviour.

    What makes Measured Collective PECR training different?

    This course is built for marketers. It’s packed with practical examples from brands big and small to help you understand the rules quickly. And unlike other courses, you won’t just gain knowledge of the PECR rules, you’ll also learn how to apply what you’ve just learned through the practical lessons.

    Benefits of Measured Collective Plus

    What is Measured Collective Plus?

    An annual subscription that gives you and your team access to all our online courses.*

    *Does not include live courses delivered online, in-person classroom training or customised training

    What are the benefits?

    • Includes updates for the length of your subscription. So when the law or guidance changes, your staff stay informed. No need to buy another course.
    • Incredible value. Save up to £2,021 compared to buying course seats for 20 people separately.
    • One invoice. Less administration hassle compared to returning to add on refresher training or other courses at a later date.

    Other courses

    gdpr refresher course preview

    GDPR Refresher Training Course

    Included in PLUS

    A short interactive online GDPR refresher course that will keep your knowledge of GDPR sharp and help you reduce your risk of subsequent financial penalties.

    GDPR essentials course preview

    GDPR Essentials Course

    Included in PLUS

    The GDPR awareness course that will give everyone the knowledge they need to know about UK GDPR and EU GDPR.

    Join our mailing list

    Get email alerts about GDPR and our take on the latest guidance. With a little bit of gossip too.

      Join this course

      Single Course

      Access to this course only. 6 months access.

      Measured Collective Plus +

      Unlimited access to all online courses and updates for the length of your subscription. Save up to £2,021 compared to buying course seats separately. See all benefits.

      Got a bigger team or want to host the content on your own LMS? Speak with sales.