Are you breaking the law?

Law and the GDPR

Ignorance of the law is no defence

Over the years BT was fined £77,00 for sending nearly five million nuisance emails to customers without their permission. Gloucestershire Police fined £80,000 for sending bulk emails. The Bible Society fined £100,000, Yahoo fined £250,000, University of Greenwich fined £120,000, with more companies and organisations under investigation. Using customer data without permission is against the law.

Every small or large business that holds details of customers or enquiries, has a duty to protect that data and request permission to retain that information. Brexit and leaving the EU in 2020 did not change that fact. More information for small businesses.

The law is very clear

The Privacy and Electronic Communications Act (PECA)  see our guide to the General Data Protection Regulation (GDPR) which applies to all businesses. If you are based in the UK you can make a complaint at It should be recognised that if after contacting a business,it does not take action, the first step is to write to the company. If, after 30 days they have not contacted you, then you can make your complaint.

If a company is based in a member state of the European Union, then a complaint can be filed at the local Data Protection Authority for that country.

Lets hope we will not be publishing your business name here for breaking the law.

Every website must have Cookie and Privacy Policy documents published.

A GDPR Cookie Consent option must be provided on every website, and every website must also publish a Cookie Policy Document, and Privacy Policy Document.