GDPR compliant WiFi for pubs is a guest network that only collects customer data with documented explicit consent, stores that data securely, and keeps it completely separate from a pub's operational systems. Purple Connect is a free guest WiFi platform giving any UK pub a branded, professionally isolated network from day one — with no customer data collected at the free tier, so no GDPR marketing obligations to manage. Purple Engage is the paid upgrade that adds GDPR-compliant data capture and automated marketing, while Purple Shield adds DNS content filtering for full Digital Economy Act compliance.
The question most landlords ask when they think about guest WiFi and customer data is: is this actually legal?
Yes — but only when it is set up correctly. The good news is that doing it correctly is straightforward with the right platform. Here is everything a UK pub owner needs to know, without the legal jargon.
The moment your WiFi login page collects any personal data — a name, email address, or social media login — you become a data controller under GDPR. That is a formal legal status with specific obligations:
GDPR marketing obligations only apply once you upgrade to Purple Engage — which is specifically built to handle those obligations automatically at every login.
Pre-ticking the marketing opt-in box: Under GDPR, consent must be freely given and unambiguous. A pre-ticked checkbox does not meet that standard. Purple Engage enforces a separate unticked opt-in by design.
Collecting emails with no privacy policy: If you are capturing customer data, you must link to a privacy policy from your login page. It does not need to be lengthy — but it must explain what you collect, why, how long you keep it, and how customers can request deletion.
No record of when or how consent was given: If a complaint is made to the ICO, you will be asked to produce evidence. Purple Engage generates a dated, logged consent record automatically for every single login.
Adding customers to a mailing list without specific consent: WiFi access consent and marketing consent are separate and must be presented separately. Purple Engage handles this split automatically.
GDPR governs how you handle customer data. The Digital Economy Act 2017 governs what happens on your network — specifically, your duty to prevent it being used to access illegal material.
This is where DNS content filtering becomes a legal requirement. Under the Act, you must take reasonable steps to block access to illegal downloads, adult content, and other harmful material on your public network.
This is not included in Purple Connect's free tier. Purple Shield is Purple's dedicated content filtering product — certified by Friendly WiFi and the Internet Watch Foundation, using AI to block threats 10 days faster than comparable solutions. A large UK hospitality chain with 330+ venues using Shield had 241,000 threats blocked in a single week.
For any pub welcoming families — or any landlord who wants full legal protection — Shield is the right addition.
| Requirement | Covered By | Tier |
|---|---|---|
| Secure isolated guest network | Purple Connect + Hub | Free |
| Branded login portal | Purple Connect | Free |
| GDPR-compliant data capture with consent records | Purple Engage | Paid |
| Automated marketing from captured data | Purple Engage | Paid |
| DNS content filtering (Digital Economy Act) | Purple Shield | Paid |
| AI threat detection and malware blocking | Purple Shield | Paid |
A pub that handles data transparently builds more trust than one that does not. When customers know their privacy is respected, they opt in more willingly — and Purple Engage venues see an average 35% marketing opt-in rate as a result.
That opted-in contact list is one of the most valuable assets an independent pub can own. A direct line to your best customers that no algorithm can take away.