ICO (UK) - Solarwave Limited EN: Difference between revisions

From GDPRhub
(Created page with "{{DPAdecisionBOX |Jurisdiction=United Kingdom |DPA-BG-Color=background-color:#023868; |DPAlogo=LogoUK.png |DPA_Abbrevation=ICO (UK) |DPA_With_Country=ICO (UK) |Case_Number_N...")
 
No edit summary
Line 52: Line 52:
}}
}}


On 4 June 2021 the Information Commissioner's Office (ICO) imposed a fine of £100,000 on Solarwave Limited. In the observed period, the company made 73,217 unsolicited calls for direct marketing purposes thereby contravening regulation 21 of PECR.
The ICO fined Solarwave Limited approximately €116,00 (£100,000) for sending direct marketing communications to individuals who had previously registered with the Telephone Preference Service who had not given their prior consent to receive calls.


== English Summary ==
== English Summary ==

Revision as of 08:26, 16 June 2021

ICO (UK) - Solarwave Limited EN
LogoUK.png
Authority: ICO (UK)
Jurisdiction: United Kingdom
Relevant Law: Article 4(11) GDPR
regulation 21 of the Privacy and Electronic Communications Regulations 2003
section 55A Data Protection Act 1998
Type: Investigation
Outcome: Violation Found
Started:
Decided: 04.06.2021
Published: 08.06.2021
Fine: 100000 GBP
Parties: - Solarwave Limited
National Case Number/Name: Solarwave Limited EN
European Case Law Identifier: n/a
Appeal: Unknown
Original Language(s): English
Original Source: ICO's official website (in EN)
Initial Contributor: n/a

The ICO fined Solarwave Limited approximately €116,00 (£100,000) for sending direct marketing communications to individuals who had previously registered with the Telephone Preference Service who had not given their prior consent to receive calls.

English Summary

Facts

The Information Commissioner's Office (ICO) examined the monthly reports received from the Telephone Preference Service Ltd (TPS), which described complaints about Solarwave Limited’s unsolicited marketing calls. Between 2 January 2020 and 2 October 2020, Solarwave Limited made 73,217 unsolicited direct marketing calls, and 30 complaints were submitted in relation to those calls. The calls were made to subscribers who had registered with the TPS and who had not given their prior consent to receive calls.

Dispute

ICO examined whether Solarwave Limited contravened regulation 21 of the Privacy and Electronic Communications Regulations 2003 (PECR), according to which a company can make direct marketing calls to individuals who are registered with the TPS (for not less than 28 days) only if those individuals consented to receiving such calls. Further, ICO examined whether the conditions under section 55A Data Protection Act 1998 (DPA) for the imposition of a monetary penalty are met.

Holding

ICO confirmed that Solarwave Limited contravened regulation 21 of PECR, by making unsolicited direct marketing calls to subscribers who had registered with the TPS at least 28 days prior to receiving the calls, and who had not given their prior consent to Solarwave to receive calls.

ICO also found that the conditions under section 55A DPA for the imposition of a monetary penalty were met.

First, if found that the contravention was serious due to (among other) a substantial number (73,217) of unsolicited calls over a nine-month period, for which Solarwave Limited could not demonstrate that it held valid consent. Valid consent was defined by reference to the concept of consent in the General Data Protection Regulation (GDPR).

Second, ICO found that Solarwave Limited acted negligently. It stated that companies have at their disposal detailed guidelines on carrying out marketing and on consent under the GDPR, which is why Solarwave Limited knew or ought reasonably to have known that there was a risk that this contravention would occur. Also, in line with standard practice of the TPS to notify the company of complaints, Solarwave Limited must have been aware of the contraventions. In addition, ICO found that Solarwave Limited failed to take reasonable steps to prevent the contravention. Relying on the assurance of third-party providers that the data had been screened prior to purchasing, without undertaking proper due diligence, was not considered as acceptable.

Finally, ICO took account some aggravating features of the case, such as the fact that Solarwave Limited was seen to be rude and persistent when making calls and that it continued to make unsolicited calls pending the outcome of ICO’s investigation.

Taking into account all of the above, ICO has decided that a penalty in the sum of £100,000 is reasonable and proportionate.

Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the English original. Please refer to the English original for more details.