Shopping Cart

ISO 27001 Data Security

Sooner Than Later has become one of the very few direct mail companies in Ireland to achieve ISO27001 for data privacy and protection, and we are immensely proud to have obtained this certification as an organisation. In our post-GDPR world, we’ve invested considerable time and money in technology, printing equipment, software and envelope fulfilment technology to ensure we are ISO27001 certified. 

As part of our mailing and marketing campaign fulfilment offering, we provide a range of core services such as personalised direct mail, litho, digital variable digital printing, data cleansing, mail fulfilment, dispatch and response handling.

Sooner Than Later have been working towards the ISO27001 accreditation for over two years to comply with General Data Protection Regulation (GDPR) – the legislation that places strict requirements on all companies regarding how they hold and use data. Most significantly, as long as a level of ‘legitimate interest’ can be demonstrated by either the sender or for the reader, then direct mail does not require GDPR opt-in as email marketing campaigns do today.

ISO 27001 Data Security Printing Mailing

WHAT IS ISO 27001?

ISO27001 is the international standard, outlining the best practice for an ISMS (information security management system). The accreditation states that the company is following the practice outlined. The company also provides an independent, expert verification that information security is managed in line with international best practice and business objectives.


The rules around GDPR and Direct Mailing are clear

Direct mail is not part of the scope of Privacy and Electronic Communications Regulation (PECR). Therefore, it’s not susceptible to the level of regulation as email marketing if you trying to engage with a new audience.

How can direct mail help with the GDPR and winning new customers?

Mailing campaigns do not have the same levels of rules as opposed to the likes of email marketing as postal marketing does not require consent. Consent is a key element of GDPR as your customers must provide you with explicit permission to use their personal data however postal marketing does not require the same level of consent and if you company can prove that the campaign is of interest and relevance to the target market then unlike types of digital marketing, consent is not required.

High response rates

Direct mail has long been a popular medium due to the increasingly high response rates especially if you are targeting an older demographic or individuals whom might be hard to reach via other mediums.