ICO demand – is it a scam?

by Readers Question

9:52 AM, 10th December 2019
About 4 months ago

ICO demand – is it a scam?

Make Text Bigger
ICO demand – is it a scam?

Our Ltd company has just received a demand from ICO (Information Commissioner’s Office) claiming that we are not registered with them. That is true…. I have never heard of or from them before.

They say our customers, clients and tenants expect us to take our data protection obligations seriously like the many real estate companies that have paid their fee on time. If we have not paid a data protection fee to ICO we could be liable to pay fines of up to £4000.

In former times we did take personal details from our, mainly student, tenants….names, addresses ,telephone numbers, college details etc. Nowadays however we use agents and although, if we wanted, we could have copies of all tenancy agreements we normally leave all that with the agents.

As we do not hold these details I think the rules (if there are such rules) do not apply to us directly, but might apply to our agents. But something about this demand smells of a scam.

How come we have never heard of this before? Has anybody else received a similar demand?

Nick

Editors Note:

ICO blog 03/12/2019 >> Click here

We have launched a campaign to contact all registered companies in the UK reminding them of their legal responsibility to pay a data protection fee. The move marks the start of an extensive programme to make sure the Data Protection Fee is paid by all those who need to pay it.

Under the Data Protection Act 2018 organisations processing personal information are required to pay a data protection fee unless they are exempt. You can quickly and easily find out if your organisation needs to pay the fee by using our self-assessment checker, but if you hold personal information for business purposes on any electronic device, including using CCTV for crime prevention purposes, it is likely an annual fee payment is due.

You can avoid us needing to contact you by either:

  1. Visiting our website to pay your organisation’s Data Protection Fee online
  2. Completing this form to tell us why your organisation is exempt from paying the fee.

Since the new annual data protection fee was introduced in May 2018, over 600,000 organisations have registered to pay it. They have gone on to access the range of services and support we provide to help them to comply with the law and give their customers, clients and suppliers trust and confidence in the way they process personal information. At the same time, between 1 July and 30 September 2019, we issued 340 monetary penalties to organisations that have not paid the Data Protection Fee.

As well as naming most organisations we need to fine, we also publish the names of all fee-paying organisations. This helps them make it clear to their customers, clients and suppliers that they are aware of their legal obligations when processing personal information.

We know data protection legislation can be complicated and we are here to help. The reminders we are sending to organisations are to help make it easy to comply with the law as well as access a great deal of advice and support available from the ICO. This includes:

  • a Helpline and Live Chat service dedicated to supporting small businesses and organisations;
  • a series of self-assessment tools and products on our website;
  • advisory visits and support designed to help small businesses and organisations to comply with the law.

The cost of the data protection fee depends on a company’s size and turnover. There are three tiers of fee ranging from £40 and £2,900, but for most organisations it will be £40 or £60. The cost is reduced by £5 if you sign up by direct debit and you can find out how much you need to pay by taking a self-assessment.

For further help and advice, call the ICO’s small business helpline on 0303 123 1113 between 9am – 5pm, Monday to Friday (excluding Bank Holidays).



Comments

Luke P

11:52 AM, 18th December 2019
About 4 months ago

Reply to the comment left by Simon Lever at 18/12/2019 - 10:58
I don’t expect them to know. But I don’t expect to do their job for them either. Convenience and making this go away aside, why should they presumptively issue a fine with no evidence and nothing more than the assumption that because your were registered in previous years, you should also be registered today?

I wasn’t so much asking for practical advice on how to deal with it (of course I can just contact them and update my position), but it’s the way in which they are going about it. Just like TV Licensing, it’s one thing to assume you require one, but a whole other matter to fine you if you don’t have a TV any longer! The manner in which you let them know you no longer require a licence is by not purchasing a licence.

JJ

17:49 PM, 18th December 2019
About 4 months ago

Reply to the comment left by Luke P at 18/12/2019 - 11:52
There's a link here saying

"Cancel

If you no longer need to pay a data protection fee, please inform us by following the instructions above. If you cancel and pay by direct debit, you'll also need to cancel your direct debit with your bank or building society."

https://ico.org.uk/for-organisations/data-protection-fee/change/

So maybe you could just cancel and see what happens.

Luke P

20:43 PM, 18th December 2019
About 4 months ago

Reply to the comment left by JJ at 18/12/2019 - 17:49
I’ll have a look, but I’ve effectively done that by not paying this year. I wasn’t paying via DD, so have nothing to cancel.

Michael Barnes

23:36 PM, 20th December 2019
About 3 months ago

Reply to the comment left by Luke P at 18/12/2019 - 20:43
Not paying is not the same as cancelling.

Luke P

1:11 AM, 21st December 2019
About 3 months ago

Reply to the comment left by Michael Barnes at 20/12/2019 - 23:36
There’s no requirement to cancel. If I don’t need a licence, I don’t buy one. They should not assume I need one based on nothing more than what happened in the past.

David Atkins

8:31 AM, 21st December 2019
About 3 months ago

Reply to the comment left by Luke P at 21/12/2019 - 01:11
I used the self assessment tool and for my SPV it says’ “
“You are not processing personal data and you therefore do not have to pay a fee to the ICO.”

I’ll use the above if they continue to chase. At the end of the assessment it states,

“Even if you are exempt, you may still wish to pay a data protection fee. “
But don’t include why!!!!! 😂 so give them money for no reason whatsoever and they publish my address publicly as a benefit...are they insane?

Luke P

8:39 AM, 21st December 2019
About 3 months ago

Reply to the comment left by David Atkins at 21/12/2019 - 08:31
I use the self-assessment tool every year to check if I still need a licence. As business has changed, and therefore the way we operate, In told the same as you David…I do not have to pay a fee. There’s no option to inform them of anything else. Each year should be in isolation.

I won’t be paying this fine (because I’m not processing data), so we shall see what their next move is.

Mick Roberts

8:39 AM, 21st December 2019
About 3 months ago

I've got a question.

I did my £40 rip off fee so that I can give my plumber my tenants number who has water through the ceiling, but ICO says Ooh can't divulge her phone number without Data protection GDPR bo__ocks.

I did my fee in my own name as some of my tenants been with me 22 years & it's all my own personal name stuff.

I got my letter yesterday in one of my companies names, they wrote to my accountants.

Now I don't know what day it is at moment with Licensing attacks & paperwork & UC, so I couldn't even find the original application I did. I've searched & found it still in my emails inbox & not even saved in a file, so if I get this again in a year (As I can't remember what I did last week, never mind a year ago), I've now put in a folder called Data Protection GDPR ICO Dec19, at least I should use one of them words to search & find it.
And they bought this out the same time as Licensing, don't u love these bureaucratic organisations.

So I ain't paying again in the company name, when all the stuff I saved on tenants NI number etc. is all in me Mick human being my name. Or is anyone on here better informed than me & telling me I have to do in all my companies names?

More stuff we got to divulge too which takes away from the real purpose which is to make the tenants life & home as good as we can. No wonder Landlords are packing up.

Going nuts this Data is, I tell u what I got yesterday. I have a 23 month argument with UC, not using references when putting money in my bank so not got a clue who's rent is for who.
Finally this week, they started to verbally talk to me.
I have two tenants & they don't care about Data protection, their important thing is a long term safe home from someone who in't selling on 'em despite being bogged down by this legislation.
One is Elaine Brook Close. One is Emma Brisbane Drive.

I have said use:
Use BroXXEla for Brook Elaine (the XX's are for her door number as I have 3 houses on there)
Use BriEmm for Brisbane Emma

They have put in my bank
B E
B E

I kid u not. Their reason is data protection in case anyone gets into my bank & sees the references & starts working it out. I said I've got more to worry about than someone working out who they are if they in my bank, they can access the money, what do u think they gonna' be going for? Der....
And if I get one B E in bank & one doesn't come, I'm not gonna' know who has paid & who hasn't.

Anyway. Do I ignore my letter, as I can't see anything on there that says if u have done in personal name, u r fine, or u got to give us another £40.

And u can't even ring 'em on a Saturday, yet u can bet loads of us want to ring 'em after receiving these letters, yet us Landlords have to be available 24 hours a day.

David Price

8:53 AM, 21st December 2019
About 3 months ago

Reply to the comment left by Mick Roberts at 21/12/2019 - 08:39
I am glad someone (perhaps everyone) has the same problem as I do with UC. GDPR protection gone mad, I do so love these bureaucrats.

David Atkins

9:15 AM, 21st December 2019
About 3 months ago

Reply to the comment left by David Price at 21/12/2019 - 08:53If you work from home and you are using the same IT systems for personal and Ltd Co why would you need to pay more than once? Its the one IT system. I think the original purpose was to highlight to all the importance to have secure systems & policies in place. The registration gives consumers some confidence that the Ltd Co is even aware of data security. I use the Ltd Co name for tenants in houses purchased in my personal name. But now it appears to be a revenue raising expedition by the ICO. Sorry that was a reply to Mick not David Price

1 4 5 6 8

Leave Comments

Please Log-In OR Become a member to reply to comments or subscribe to new comment notifications.

Forgotten your password?

OR

BECOME A MEMBER

Windows smashed and tenant abandoned property?

The Landlords Union

Become a Member, it's FREE

Our mission is to facilitate the sharing of best practice amongst UK landlords, tenants and letting agents

Learn More