GDPR compliant WiFi for pubs is a guest network that only collects customer data with documented explicit consent, stores that data securely, and keeps it completely separate from a pub's operational systems. Purple Connect is a free guest WiFi platform giving any UK pub a branded, professionally isolated network from day one — with no customer data collected at the free tier, so no GDPR marketing obligations to manage. Purple Engage is the paid upgrade that adds GDPR-compliant data capture and automated marketing, while Purple Shield adds DNS content filtering for full Digital Economy Act compliance.
The question most landlords ask when they think about guest WiFi and customer data is: is this actually legal?
Yes — but only when it is set up correctly. The good news is that doing it correctly is straightforward with the right platform. Here is everything a UK pub owner needs to know, without the legal jargon.
What GDPR Actually Means for a Pub Offering WiFi
The moment your WiFi login page collects any personal data — a name, email address, or social media login — you become a data controller under GDPR. That is a formal legal status with specific obligations:
- Explicit consent: Customers must actively agree to receive marketing — a pre-ticked box does not count
- Transparency: Customers must be told what data you are collecting and why, at the point of collection
- Consent records: You must be able to prove consent was given for every contact
- Data security: Personal data must be stored securely and never shared without authorisation
- Right to withdraw: Customers must be able to opt out at any time
GDPR marketing obligations only apply once you upgrade to Purple Engage — which is specifically built to handle those obligations automatically at every login.
The Most Common GDPR Mistakes Pub Landlords Make
Pre-ticking the marketing opt-in box: Under GDPR, consent must be freely given and unambiguous. A pre-ticked checkbox does not meet that standard. Purple Engage enforces a separate unticked opt-in by design.
Collecting emails with no privacy policy: If you are capturing customer data, you must link to a privacy policy from your login page. It does not need to be lengthy — but it must explain what you collect, why, how long you keep it, and how customers can request deletion.
No record of when or how consent was given: If a complaint is made to the ICO, you will be asked to produce evidence. Purple Engage generates a dated, logged consent record automatically for every single login.
Adding customers to a mailing list without specific consent: WiFi access consent and marketing consent are separate and must be presented separately. Purple Engage handles this split automatically.
GDPR and the Digital Economy Act: Two Separate Obligations
GDPR governs how you handle customer data. The Digital Economy Act 2017 governs what happens on your network — specifically, your duty to prevent it being used to access illegal material.
This is where DNS content filtering becomes a legal requirement. Under the Act, you must take reasonable steps to block access to illegal downloads, adult content, and other harmful material on your public network.
This is not included in Purple Connect's free tier. Purple Shield is Purple's dedicated content filtering product — certified by Friendly WiFi and the Internet Watch Foundation, using AI to block threats 10 days faster than comparable solutions. A large UK hospitality chain with 330+ venues using Shield had 241,000 threats blocked in a single week.
For any pub welcoming families — or any landlord who wants full legal protection — Shield is the right addition.
How the Purple Tiers Work Together for Full Compliance
| Requirement | Covered By | Tier |
|---|---|---|
| Secure isolated guest network | Purple Connect + Hub | Free |
| Branded login portal | Purple Connect | Free |
| GDPR-compliant data capture with consent records | Purple Engage | Paid |
| Automated marketing from captured data | Purple Engage | Paid |
| DNS content filtering (Digital Economy Act) | Purple Shield | Paid |
| AI threat detection and malware blocking | Purple Shield | Paid |
Setting Up GDPR Compliant WiFi: The Practical Checklist
- Install the Purple Hub — network isolation and branded portal active from day one on Connect free
- To collect customer data: upgrade to Purple Engage — consent records generated automatically at every login
- Marketing opt-in presented as a separate unticked checkbox on your login page
- Privacy policy linked from your login page
- To meet Digital Economy Act obligations: add Purple Shield for DNS content filtering
- Customers able to unsubscribe from marketing at any time
Compliance as a Competitive Advantage
A pub that handles data transparently builds more trust than one that does not. When customers know their privacy is respected, they opt in more willingly — and Purple Engage venues see an average 35% marketing opt-in rate as a result.
That opted-in contact list is one of the most valuable assets an independent pub can own. A direct line to your best customers that no algorithm can take away.
