Do I need to register with the ICO?
For majority of companies, you will process personal information in some way or another, whether that be a name, email, or phone number. By law, if you process personal information you must pay a ‘data protection’ fee to the ICO. There are three tiers of fee ranging from £40 and £2,900, but for most organisations it will be £40 or £60. Throughout this blog I am going to be telling you why you need to register and how.
If you want to check if you’re already registered you can search here https://ico.org.uk/ESDWebPages/Search
Who is the ICO?
The Information Commissioners Office known as the ICO is an independent body that upholds information right in the UK. Their aim is to protect the right of individuals over their own data, the ICO ensures that any business or organisation processing personal information respects those rights.
Who needs to register with the ICO?
The fee is payable by a range of companies from sole traders and SMEs through to large organisations, depending on your practices. The amount payable varies depending on the size of the organisation. There are three tiers of fee ranging from £40 and £2,900, but for most organisations it will be £40 or £60
There are very few businesses or organisations that are exempt and the scope for exemption is very limited. For example, if you ONLY keep paper records and have no CCTV, you could be exempt.
The best way to find out if you are exempt is to complete the ICO self-assessment which takes less than 30 seconds to complete, it will ask you 5 basic questions about your business that will determine if you need to register. https://ico.org.uk/for-organisations/data-protection-fee/self-assessment/
What happens if I avoid paying the fee?
If you need to pay and do not pay, you could be fined up to £4,000. Between July and December 2019, the ICO issued 554 monetary penalties to organisations that had not paid the data protection fee.
As well as naming most organisations they need to fine, they also publish the names of all fee-paying organisations. This helps you make it clear to your customers, clients, and suppliers that you are aware of your legal obligations when processing personal information.