Generally yes for B2B — but it is governed by the GDPR and the ePrivacy Directive at once, and the rules vary by member state. B2B calls are usually permitted on GDPR Article 6(1)(f) legitimate interest with a documented assessment held on file; B2C telemarketing needs prior opt-in consent in most states. Germany effectively requires prior consent even for B2B under the UWG, France screens consumers against Bloctel, and the Netherlands and Poland are more permissive. There is no single EU-wide rule — the strictest applicable national regime controls, and fines reach €20m or 4% of global turnover.
The GDPRgoverns the personal data behind the call — your lawful basis, the source of the number, and the recipient's rights. For B2B that basis is normally Article 6(1)(f) legitimate interest, which requires a documented Legitimate Interest Assessment before the first dial. The ePrivacy Directive (2002/58/EC) governs the act of calling, and it lets each member state pick an opt-in or opt-out regime — which is why the same call can be lawful in the Netherlands and unlawful in Germany. You must satisfy both the data law and the destination country's channel law on every call.
Legitimate interest under Article 6(1)(f), opt-out model. Hold the LIA on file, honour objections, record where the data came from.
Generally permitted but country-dependent. Verify the destination state's national ePrivacy implementation before dialling.
Germany effectively requires prior express consent for B2B advertising calls. Competitors and regulators both enforce. Do not dial without it.
Most member states require prior consent for consumer telemarketing. The legitimate-interest bar for calling consumers is very high.
National do-not-call registers must be honoured. Screen against the relevant country's list before every campaign.
Want a live verdict for a specific scenario? Our deterministic endpoint returns one with the statutory citation: /api/compliance/check
Generally yes for B2B, but it is governed by two instruments at once and the rules vary by member state. The GDPR governs the personal data behind the call; the ePrivacy Directive (2002/58/EC) and each country's national implementation govern the act of calling. B2B calls are usually permitted on a legitimate-interest basis with a documented assessment, while B2C telemarketing requires prior consent (opt-in) in most member states. There is no single EU-wide rule — the strictest applicable national regime controls.
It depends on the country. In permissive states (Netherlands, Poland) B2B calls are allowed on legitimate interest with an opt-out. In stricter states — Germany being the clearest example, under the UWG — prior consent is effectively required even for B2B calls, and unsolicited B2B calls without it are routinely penalised. Always check the destination country's national rule before dialling; the GDPR lawful basis is necessary but not sufficient on its own.
The LIA is the documented three-part test that supports relying on GDPR Article 6(1)(f) as your lawful basis: (1) the purpose test — is there a genuine legitimate interest, such as B2B marketing of a relevant product; (2) the necessity test — is the cold call a reasonable way to achieve it; and (3) the balancing test — do the recipient's rights and reasonable expectations override your interest. The LIA must be written and held on file before the first dial, and it must be revisited when circumstances change.
No, but it sets the channel rules. Article 13 of the ePrivacy Directive (2002/58/EC) requires prior consent for automated calling systems and pre-recorded messages, and lets each member state choose an opt-in or opt-out regime for live person-to-person marketing calls. That national choice is why the same call can be lawful in one EU country and unlawful in another. It works in parallel with the GDPR, not instead of it.
Germany is the strictest in practice: under the Act Against Unfair Competition (UWG), unsolicited B2B advertising calls generally require prior express consent, and enforcement is active. France requires screening against the Bloctel opt-out register for consumers and has tightened permitted calling days and hours. By contrast, the Netherlands and Poland are comparatively permissive for B2B legitimate-interest calling. Treat each market individually rather than assuming an EU-wide standard.
GDPR fines reach up to €20 million or 4% of global annual turnover, whichever is higher, for the most serious infringements. National ePrivacy and unfair-competition penalties apply separately on top. In telemarketing specifically, data-protection authorities and competitors (in Germany, via UWG injunctions) both bring enforcement, so the practical exposure combines regulatory fines with civil and injunctive risk.
Post-Brexit the UK runs UK-GDPR plus PECR rather than EU GDPR plus the ePrivacy Directive. The structure is similar — a data law plus a channel law — but the detail and the regulators differ. If you call both UK and EU numbers you must satisfy both regimes independently; a UK Legitimate Interest Assessment does not automatically cover an EU call, and vice versa.
This page is an educational compliance reference, not legal advice. EU rules are set by the GDPR plus 27 national ePrivacy implementations — always confirm against the regulation itself (EU 2016/679), the ePrivacy Directive, and the law of the specific member state you call into, and take qualified local counsel. AP Sales Coach reduces compliance risk through real-time guidance; it does not eliminate it, and final responsibility rests with the operator.
AP Sales Coach puts the next compliant line on your screen in real time — so the rules live in the tool, not in your head.