As of 2018, any personal data processed by organisations and individuals is affected under the General Data Protection Regulation (GDPR). This refers to any personal data (which could include names, addresses, phone numbers, NI details, etc.). It was introduced to protect this information and hold companies and individuals accountable for how they handle other people’s personal information. It is on this subject which ICO letters are now being sent out on.
The GDPR of 2018 require businesses and individuals that deal with any personal information to register with the Information Commissioner’s Office (ICO) and pay a data protection fee. As a result, the ICO have recently sent letters directly to individuals that they suspect should be registered with them. Several of our clients received one of these letters, which has prompted us to update you on how to proceed.
The exemption criteria is very complicated and as such, we cannot confirm if you do/do not have to register. As mentioned, for all the above scenarios, the best course of action is to call the ICO directly. They will be able to offer you advice on whether or not you are subject to registering with them.
As always, if you have any questions about the content of this post, please feel free to contact us.