All data controllers must register with the Information Commissioner’s Office (ICO) and renew the registration annually. Failure to notify is a criminal offence.
Where it is essential to the business arrangement to pass data on to third parties, then the request for the product or service from the data subject is considered to be permission.
The data subject must give permission for data to be shared for marketing purposes. There must also be an opportunity for the data subject to opt out of further marketing communications.
Data may be transferred within the European Economic Area as it is considered that European countries have adequate, legal data protection in place. Outside of the EEA you must ensure that this legal protection is in place.
In cases where the business does not register or comply with the Act, the ICO can serve information notices, serve enforcement notices, conduct audits, issue monetary penalties, prosecute and report to Parliament.
Failing to respond to penalties, register with the ICO or process data without authorisation can result in prosecution and a maximum fine of £500,000.
Privacy & Cookies Policy
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.