Human resources at a click
Login
0

Company fined £80,000 for selling personal data without owners’ consent

  • HR Article
  • Data Protection

The ICO has fined data brokering company Verso Group (UK) Ltd £80,000 for a serious and deliberate contravention of the Data Protection Act 1998 (DPA).

An ICO investigation found that the company had supplied personal data to two other companies who then used the data for telemarketing purposes (including nuisance calls). Verso failed to ensure it had appropriate consents from the data subjects to forward their personal data on in this way.

In determining the amount of the fine, the ICO considered:

  • The contravention involved large volumes of personal data and data subjects;
  • Verso’s contraventions were systemic, deliberate and not isolated or one-off;
  • These contraventions occurred over a period of years; and
  • Verso’s conduct during the investigation was found to be “unhelpful and obstructive.”

An ICO investigation found that the company had supplied personal data to two other companies who then used the data for telemarketing purposes (including nuisance calls).

Organisations should keep in mind that the GDPR is replacing the DPA in May 2018, and under the new law consent will be even harder to obtain as a basis to process data.

The GDPR places an even greater focus on organisations being transparent on information being provided to individuals before their data is processed. The ICO’s findings and sanction also emphasise the importance of assisting the ICO in any investigations they carry out.

Disclaimer
This information is for guidance purposes only and should not be regarded as a substitute for taking professional and legal advice. Please refer to the full General Notices on our website.

Anonymous author

Related Articles

View all
CCTV cameras on a grey wall
  • Data Protection

Can an employer monitor employees at work?

Can an employer lawfully monitor their employee, without their knowledge, if they suspect wrongdoing? Can employers monitor employees? It’s worth...

Recent data breaches and their impact on organisations
  • Data Protection

Recent data breaches and their impact on organisations

Organisations of all sizes are susceptible to data breaches and the damage caused by these breaches, both reputationally and financially,...

laptop with hands holding a mobile phone
  • Data Protection

Cookies and Consent: the ICO’s Cookie Review

In the digital age, cookies play a crucial role in how websites operate and interact with users. Companies use cookies...

Related Resources

View all

Confidentiality statement

Confidentiality statement in regards to the monitoring policy. Confidentiality Statement – Monitoring Policy  I agree, save if required by law...

  • Letters
  • Data Protection

Bring your own device policy

This policy covers the use of employees’ own devices (e.g. smartphone, tablet, laptop) for companybusiness. This policy applies to the...

  • Policies
  • Data Protection

Generative AI policy

This Policy covers the use of generative artificial intelligence (generative AI). Generative AI is a type of artificial intelligence technology...

  • Policies
  • Data Protection, Free Downloads

Not a member? Start your membership today!

Sign up
HR Services
Insights
Employmentbuddy
Contact us
Follow us
Find us
London

5th Floor, Chancery House, 
53-64 Chancery Lane, London
WC2A 1QS

Reading

5th Floor, Thames Tower,
Station Road, Reading
RG1 1LX

Find us
London

41-44 Great Queen Street,
London, WC2B 5AD

Reading

5th Floor, Thames Tower,
Station Road, Reading RG1 1LX

Follow us
Clarkslegal is a limited liability partnership registered in England and Wales. Registered number OC308349. Regulated by the Solicitors Regulation Authority (SRA no. 403601)
Human resources at a click
Login