As Rick mentioned in comments this would most definitely be considered processing of personally identifiable information (PII) under the UK GDPR.
You mention "advertising" and "marketing purposes" so it's pretty clearly not for your own personal household/family use and that means you would have to comply with the GDPR.
That means you're going to need what's called a "Lawful Basis" for processing this data. There's six different ones:
(a) Consent: the individual has given clear consent for you to process their personal data for a specific purpose.
(b) Contract: the processing is necessary for a contract you have with the individual, or because they have asked you to take specific steps before entering into a contract.
(c) Legal obligation: the processing is necessary for you to comply with the law (not including contractual obligations).
(d) Vital interests: the processing is necessary to protect someone’s life.
(e) Public task: the processing is necessary for you to perform a task in the public interest or for your official functions, and the task or function has a clear basis in law.
(f) Legitimate interests: the processing is necessary for your legitimate interests or the legitimate interests of a third party, unless there is a good reason to protect the individual’s personal data which overrides those legitimate interests. (This cannot apply if you are a public authority processing data to perform your official tasks.)
You haven't provided enough information for to hazard a guess at what your basis would be but the ICO has an on-line tool which would give you a starting point.
It's a very good idea to make sure you have all your i's dotted and all your t's crossed before you start processing any PII - and that includes documenting the process.
Otherwise, what consequences may I face if I do so?
In some ways the consequences of non-compliance are "what have you done?" coupled with "how much have you got?", the maximum penalty is £17.5m or 4% of your annual turnover (whichever is greater) and fines issued under the UK GDPR to date have ranged from mere pocket change to almost enough to buy a tank of petrol.
Widen it to the EU and small property owners association got a €500 slap on the wrist and Amazon managed to net themselves a €746m fine.