iubenda logo

The UK Data Protection Authority fined Easylife £1.35 million for creating 145,000 customer profiles using health information. Easylife also paid an additional fee for making 1345,732 calls for direct marketing between 2019 and 2020.

Following investigations by the ICO, the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR) and Article 5(1)(a) of the UK General Data Protection Regulation (UK GDPR) were violated by Easylife Ltd. 

The Information Commissioner’s Office (ICO) published two penalty notices on October 6, 2022, imposing fines of £1.35 million and £130,000 on the company.

Background 

The ICO specifically mentioned that when the company was brought to its notice, it had looked into Easylife. While the inquiry first focused on violations of the PECR, concerns regarding potential violations of the UK GDPR were also found, according to the ICO.

The investigation 

According to the UK GDPR, the ICO concluded that Easylife had targeted 145,400 consumers with health-related items without their permission by using their personal information to anticipate their medical conditions. Specifically, the ICO found that considerable consumer profiling and health data processing had occurred and that those affected by it were unaware that their personal data had been collected and used for such reasons.

According to the ICO, Easylife violated the PECR by making 1,345,732 unsolicited marketing calls to persons registered with the Telephone Preference Service between August 1 and August 19, 2020. These calls are forbidden under the PECR unless the receiver gives their consent.

The ICO came to the conclusion that Easylife had broken both Regulation 21 of the PECR and Article 5(1)(a) of the UK GDPR.

Outcomes

The ICO issued a total fine of £1.48 million, consisting of £1.35 million for the UK GDPR infringement and £130,000 for the PECR violation. The ICO further stated that both fines must be paid by November 4, 2022, and that if paid by that date, the penalty for breaking the PECR will be reduced by 20% to £104,000.


Possible £27 million for TikTok says ICOCNIL fines Total Energies €1 MillionGoogle to Pay $60 Million in Fines

About Us

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app
www.iubenda.com

Generate a privacy policy now

Ready in a few steps and built to meet the needs of both website and mobile app owners

Generate your privacy policy now

Sometimes the best choice is to "just give it a try"

iubenda is the easiest and most professional way to generate a privacy policy for your website, mobile app and facebook app

Generate your privacy policy now