Tax Returned Limited Fined £200,000 On Violating GDPR Rules

A London based firm Tax Returned Limited received a fine of £200,000 by the Information Commissioner’s Office (ICO). Because it was sending millions of unwanted marketing text messages without consent. This practice is against GDPR rules and regulation.

According to the investigations by ICO, between July 2016 and October 2017, the company had sent 14.8 million marketing text messages without having consent using third-party service providers by breaking GDPR laws.

As the data controller of the campaign, The Tax Returned should have taken equitable steps. Consequently, it had to make sure the data they obtained complies with the Privacy and Electronic Communication Regulation (PECR). Because PECR states to collect explicit consent from the people receiving the messages.

The firm claimed to have the consents from a general third-party, they have insisted on the privacy policies of a certain website.

However, ICO found in the investigations that the diction of the policies was not clear much and the Tax Returned is not mentioned, nor the third party marketing firm was listed on most of the privacy policies.

After this investigation, ICO has served a notice to Tax Returned, ordering the firm to stop their illegal marketing activities.

Steve Eckersley, ICO’s Director of Investigations, said:

“Spam texts are a real nuisance to people across the country. And, this firm’s failure to follow the rules drove over 2,100 people to complain.”

“Firms using third-party marketing services need to double-check whether they have valid consent from people. Lastly, generic third-party consent is also not enough, and companies will receive fine if they break the law.”