Safestyle UK fined £70,000
Article added: 13/09/2017
The Information Commissioner’s Office (ICO) issued a fine of £70,000 to H.P.A.S. t/a Safestyle UK reminding companies making direct marketing calls to people registered with the Telephone Preference Service is “off limits“.
The warning comes as the ICO issues fines totalling £150,000 to two firms based in Bradford that, between them, sparked hundreds of complaints.
H.P.A.S. Ltd (trading as Safestyle UK) broke the law when they called people who were registered with TPS, although it may not be quite as clear cut to some of you.
H.P.A.S. Ltd t/a Safestyle UK was fined £70,000 following a total of 264 complaints to the Telephone Preference Service (TPS) and Information Commissioner’s Office (ICO) between 1 May 2015 and 31 December 2016, and 3 periods of monitoring by the ICO.
Some of the complaints were from customers who had asked Safestyle UK to remove them from future marketing, but had continued to be called, with some consumers stating that they had been receiving calls for many years.
When questioned by the ICO, Safestyle UK explained that they believed they did not need to screen against the TPS, as they were calling their customers and potential customers, who had made enquiries with them, which is also known as the “soft opt-in“.
However, the ICO confirmed that this consent does not last indefinitely, when they explained Safestyle UK’s failings.
The Commissioner directed HPAS to her Direct Marketing Guidance and informed it:-
1. That HPAS must ensure that it was able to substantiate that individuals have consented to be called by keeping clear records.
2. In the event that they could not provide clear and recent evidence of consent they must TPS screen prior to any calls being made.
3. In order to comply with the fifth data protection principle it must ensure that it had an adequate retention policy.
4. Consent does not last forever. HPAS cannot rely on an individual’s consent to call them on an ongoing basis simply because they asked for quote at some point.
5. If an individual contacts HPAS for a quote, but takes their business elsewhere HPAS could not continue to call them as they will not have consented to receiving direct marketing calls from them in the future.
Although, despite warnings from the ICO and being placed on monitoring 3 times, complaints about Safestyle UK continued to be received and the ICO issued a fine for £70,000.
Download and read the Monetary Penalty Notice from the ICO on this one, it’s not quite as straight forward as you may at first think.
Where Safestyle UK went wrong
Take the opportunity to learn from someone else’s mistakes.
- Even your own leads won’t last forever - most companies would look at their incoming enquiries as ’theirs to do with as they please’, however, that’s not the case. The ICO has determined that even with direct enquiries you cannot presume to have consent to contact them ‘forever’.
- You still have to TPS screen - as the consent on your data ages you must consider at what point you should screen your data against the TPS. If a person on the TPS makes an enquiry with you, the consent which they’ve given you to contact them (which overrides the TPS) won’t last for ever. More importantly, it probably won’t last as long you’d like.
- Resolve the issues - if the ICO contacts you and offers you the opportunity to make changes to your systems, do it. If you want to argue the point, go ahead. If you cannot agree with the ICO a mutual position, then just make the changes! The ICO is a tough regulator to beat!
Safestyle UK Monetary Penalty Notice as issued by the ICO
TPS Services Richard Kane said:
“This case is not quite straight forward. On the one hand, they were given multiple chances to get their complaints down and simply didn’t. Why they did not move heaven and earth to meet those complaint targets is beyond me.
That aside though, it must feel to some businesses that the ICO is forever moving the goalposts on data consent so as to catch them out. I have to wonder if the ICO gets you in their sights, is there really any chance of getting out of them?
The rules are the rules, there’s no getting away from that, but there’s a lot of businesses out there that simply don't understand the intricate nature of how the ICO have changed their position on consent after 15 years! I can't help but feel a bit sorry on certain points here with Safestyle UK, especially relating to how long an enquiry might be valid.
If you’re the one responsible within your business for ensuring that your business does not call people registered on the TPS, get a TPS screening account and screen to be on the safe side. If you’re going to respond to web enquiries, then attach an amount of time that you consider them to be ’live’ and then implement a system of TPS screening after that.
Finally, when someone says “take me off your list”, do it!”
If your business purchases or sells data then you should read the latest Direct Marketing Guidance
issued by the ICO for a complete explanation of what the ICO expects from companies involved in or buying from the direct marketing industry.