David Woods

+44 (0)1733 887793 dvwoods@greenwoodsgrm.co.uk

View full profile →

GDPR – Don’t forget to pay

Corporate and Commercial / 11 October 2018

One feature of the GDPR is that organisations are no longer required to register with the Information Commissioner’s Office (ICO) – but there is still an obligation to pay an annual fee.  And the ICO is already taking action against organisations that have failed to pay.

The obligation to make the annual payment arises for each organisation 12 months after it made its last annual notification under the Data Protection Act – and on each anniversary of that date.

The fees payable vary according to size, turnover and status (e.g. charities) and range from £35 to £2,900.

The ICO has already begun formal enforcement action against 34 organisations that have failed to pay the fee.  The ICO has sent those organisations notices of its intention to fine them unless they pay.  The maximum fine is £4,350.  It is reported that the ICO has more notices ready to send to other organisations that are late in paying the fees.

Payment can be made by direct debit which will eliminate the risk of fines for forgetting to pay.

If you have questions, we can help.  Please get in touch.

Back to Our Thinking →

Get in touch with us

Interested in finding out more? Use this form to let us know how to contact you and what you’d like to know, and we’ll get back to you.

Alternatively, contact anyone listed on our website direct, they will be happy to hear from you.

  • This field is for validation purposes and should be left unchanged.