Receiving a random letter through your door asking you to register with the Information Commissioner’s Office (ICO) can be pretty daunting.
- Why have you suddenly received one?
- Do you really need to do it?
- What is the annual fee?
- What are the exemptions?
Before I get to the above, who are the ICO? The ICO is ‘the UK’s independent authority set up to uphold information rights in the public interest, promoting openness by public bodies and data privacy’. In short, they deal with data protection within the UK, and they’re VERY important – if you don’t know, get to know.
The ICO regularly go through Companies House to see companies that have been registered, and then send them a letter asking why you haven’t signed up for ‘ICO authorisation’.
This is why you may have suddenly received one, despite being in business for however long.
One of the easiest things you can breach with GDPR is if you don’t sign up with the ICO…don’t let this happen to you. Pretty much every single organisation or sole trader that processes personal data needs to pay this data protection fee to the ICO (unless exempt). Processing personal data can be as little as taking your clients email address or name, which you most likely do on a daily basis.
The annual fee depends on size/turnover of your business. Generally speaking, for most organisations it’ll be £40 or £60, but it can range between £40-2,900. Some organisations will only pay £40, regardless of size/turnover, such as charities and small occupational pension schemes.
If you aren’t sure whether this applies to you, head over to the ICO website by clicking here to find out more information.