£80k fine and enforcement notice for TPS and consent infringements by funeral plan firm

Share This Post

The ICO has fined a funeral plan firm (Avalon Direct Ltd), £80,000 for breaches of the Privacy and Electronic Communications Regulations 2003 (PECR) for failure to meet the requirements relating to cold calling (unsolicited phone calls). In the case, Avalon, had used call data from a third-party to call up over 52,000 people who were registered with the Telephone Preference Service (TPS).

PECR specifically requires that if you are to make live calls you should not call people who are registered with the TPS (or CTPS for corporates) unless specific consent has been given. Avalon had not cleaned the phone data they’d been provided against the TPS and because there was inadequate evidence that the third-party had obtained specific consent for Avalon to call using the numbers, they were in breach of Regulation 21 of PECR.

This case again highlights the importance of carrying out adequate due diligence against any third-party data providers who provide data that is to be used for marketing (or indeed any other) purposes.

As well as the fine the ICO has issued an enforcement notice requiring Avalon to cease and desist their marketing activities until they are properly compliant.

The ICO has also published a statement calling on everyone to support elderly friends and relatives and ensure they’re registered with the TPS and once done so report any “nuisance calls” to the ICO. Andy Curry, Enforcement Group Manager at the ICO, said:

“The funeral plan industry has been on our radar for a while and it is fair to say the sector as a whole has had some issues in terms of complying with the law. That’s not always reflected in volumes of complaints, however, because the very nature of this particular sector means the people being targeted for funeral plan sales may be older, potentially more vulnerable and may not be as technologically savvy or as active online.

“We would ask people to speak to their older relatives, neighbours or friends and make sure they are registered with the TPS. If they have still been getting nuisance calls, they can help report these calls to us as this helps us build up intelligence on companies and sectors where we need to take action.”

 

More To Explore

Eat. Sleep. GDPR. Repeat.

We live and breathe GDPR and ePrivacy compliance, so you don’t have too. Our GDPR UNLIMITED helpline is all about offering you help and support, whenever you need it most. As well as the unlimited helpline, you get up to 4 hours “hands-on” help each month, which we can configure to help you in anyway you need such as a GDPR review, or acting as your DPO.

As well as the unlimited helpline and hands-on help you get GDPR and privacy updates, access to our GDPR knowledge centre and webinars.

Unlimited email & phone support

Unlimited email and phone support. Email or organise a voice call as often as you need each month.​

Up to 4 hours "hands-on" help per month

We use these "hands-on" hours to do the GDPR work for you, such as reviews, acting as your DPO, checking DPIA, dealing with breaches, training your staff, etc. (Additional hours: £100+VAT per hour)

Online resources

Our Knowledge Centre gives you access to information, guidance, topic related guides and other tools to support your GDPR and PECR compliance

Updates, alerts & briefings

We provide updates and alerts and a monthly compliance briefing. You can either sign into the Knowledge Centre or sign up via email to receive an email every time we add a new update or alert

DPO services

Whether mandated or not we can act as your Data Protection Officer (DPO) and manage your day to day compliance

Webinars, workshops & training

Whether updates on the latest issue, workshops or team training, it's all included in your monthly retainer.

LIKE WHAT YOU'RE READING? join our email list

Sign up for monthly briefings and the occasional emails about our webinars and services

Want to know more about how we use your data? Check out our privacy policy