The Federation is urging its members to pay attention to all letters from the Information Commissioner’s Office (ICO) which remind sole traders, small companies and SMEs of their legal responsibility to pay a Data Protection Fee. These letters are genuine and must not be ignored.
These letters are part of an extensive programme to make sure the Data Protection Fee is paid by all businesses that need to pay it. The ICO has been sending out notices since 2019, but has only recently begun contacting retailers and wholesalers.
Under The Data Protection (Charges and Information) Regulations 2018, every business that processes personal information is required to pay a Data Protection Fee to the ICO, unless they’re exempt. Not paying when you should may result in a fine of up to £4,000.
Most companies will need to pay £40 or £60 a year.
If you store your customers’ names, addresses or phone numbers on computer, you are processing personal information and may need to pay. If you have surveillance cameras (like CCTV) for crime prevention, you must pay.
Exemptions include:
- Personal, family or household affairs not connected to commercial or professional activities (including CCTV to monitor your domestic property, even if you are capturing images outside the boundaries of your property)
- Elected representative functions
- Judicial functions
- To maintain a public register (ie you are required by law to make the information publicly available)
To find out if you are exempt, visit ico.org.uk/feechecker If you don’t need to pay, complete the form at ico.org.uk/no-fee to let the ICO know why your company is exempt from paying the fee.
If you need to pay, visit ico.org.uk/fee and click ‘first time payment’ if you have never registered with the ICO or press ‘renew’ if you have registered before. You must complete the online application before sending your payment. You can set up a Direct Debit, which will deduct £5 from your fee.
Related Articles
