You need to be aware of and observe the requirements of both the UK's confidentiality laws
(enshrined in, amongst others, Articles 8 and 12 of the Human Rights Act) and the Data Protection Act 1998. These statutes require that consent be obtained from the third party, preferably in writing, before their personal data can be placed within the public domain.
The Data Protection Act requires any person or organisation involved in storing personal data for commercial purposes, including marketing and auctions, to register with the Information Commissioner, supplying the organisation's name and nature, and the intended use for the data.
Similar knowledge is useful when compiling a mailing list to promote your work, for example. People on your database should have the ability to correct their information, or have it removed, and best practice also suggests including a physical contact address along with any messages sent to your mailing list, as well as information on how people can update or remove their details.