ICO Registration
Compliance with the General Data Protection Regulations (GDPR) is an essential part of a business’ data protection responsibilities
What is the Information Commissioner’s Office (ICO)?
The Information Commissioner’s Office (ICO) is the UK’s independent authority responsible for upholding information rights, ensuring data privacy, and promoting transparency among public bodies. It handles data protection complaints, enforces compliance with data laws, and provides guidance on personal data rights and organisational responsibilities under key legislation like the GDPR and Data Protection Act 2018.
Registering with the ICO
Any organisation (including limited companies and sole traders) that processes personal data is required to register with the ICO, subject to certain limited exemptions (e.g. elected representatives, such as MPs and councillors in county councils). The ICO provides an online self-assessment tool to help businesses and individuals ascertain whether or not they need to register.
The requirement to register with the Information Commissioner’s Office and pay the relevant fee (see below) is set out by Data Protection (Charges and Information) Regulations 2018 – and failure to do so will result in a fixed penalty.
In December 2019, the ICO launched a new campaign under which they plan to write to all registered companies in the UK, reminding them of their legal responsibility to pay an annual fee if they process personal data. As a consequence, most recently formed companies can expect to be contacted by the ICO.