The Information Commissioners Office – ICO is the UK’s Data Protection Regulator. If your company holds and processes personal information it has a legal responsibility to be registered with the ICO. Every company that processes personal information, unless exempt, is required to pay an annual data protection fee to the ICO and failure to pay the fee may result in fines up to £4000.
The Data Protection (Charges and Information) Regulations 2018 require every business that processes personal information to register and pay data protection.
The data protection fee is £40/£60 annually.
If you hold personal information (including clients names, addresses and telephone numbers) it’s likely you’ll need to pay.
Data Protection Public Register
All fee paying company names are published on the Data Protection Public Register. This makes it clear to customers, clients and suppliers the company is aware of its legal obligations when processing personal information.
- Name and address of the controller
- Data protection registration number
- Date the fee was paid and when it is due to expire
- Any other trading names of the organisation
- Contact details for the Data Protection Officer – with consent
ICO Annual Fees
Your data protection fee depends on the size of your organisation or turnover.
- Tier 1 – Micro Organisations Your turnover is less than of £632,000 or no more than 10 members of staff.
- Tier 2 – Small and Medium Organisations You have a maximum turnover of £36 million or no more than 250 members of staff.