Loading…
Menu icon Search icon
Contact us
Mobile filter icon Mobile contact icon

How to avoid unpaid data protection fees

Under the Data Protection (Charges and Information) Regulations 2018, individuals and organisations that process personal data need to pay a data protection fee to the Information Commissioners Office (ICO), unless they are exempt.

Civil Society recently reported that the ICO received reports of nearly 3,000 data breaches across all sectors in the second quarter of 2019-20. Sectors with the highest number of incidents were health, general businesses and education.

The ICO is currently using information about registered companies in England and Wales to compare against their register of fee payers. This is part of a campaign by the ICO to follow up on Companies House data in order to identify unregistered businesses in the UK. 

There is a penalty regime for failing to register with the ICO up to a maximum of £4,350. In order to establish whether you should be paying a fee to the ICO, complete the self-assessment tool to see if you – as an individual or on behalf of your business or organisation – need to pay a fee to the ICO.

Generally, in order to combat breaches, your information privacy and cyber practices should be compliant in order to keep data safe. Considering your data protection, GDPR compliance and cyber security are all integral to preventing breaches.

Whether you are a solopreneur, charity or growing business, we can help you develop a strategy that evolves along with you. Read more about our technology advice and support services here.

About the author

David Fardell

+44 (0)20 7556 1437
fardelld@buzzacott.co.uk

Civil Society recently reported that the ICO received reports of nearly 3,000 data breaches across all sectors in the second quarter of 2019-20. Sectors with the highest number of incidents were health, general businesses and education.

The ICO is currently using information about registered companies in England and Wales to compare against their register of fee payers. This is part of a campaign by the ICO to follow up on Companies House data in order to identify unregistered businesses in the UK. 

There is a penalty regime for failing to register with the ICO up to a maximum of £4,350. In order to establish whether you should be paying a fee to the ICO, complete the self-assessment tool to see if you – as an individual or on behalf of your business or organisation – need to pay a fee to the ICO.

Generally, in order to combat breaches, your information privacy and cyber practices should be compliant in order to keep data safe. Considering your data protection, GDPR compliance and cyber security are all integral to preventing breaches.

Whether you are a solopreneur, charity or growing business, we can help you develop a strategy that evolves along with you. Read more about our technology advice and support services here.

Complete the form below to receive help with your data protection and GDPR needs.

Please complete all required fields above.
This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.
Related links
Technology advice and support 1 GDPR: One year on
Have you got all the right processes in place yet?… Read more General Data Protection Regulations (GDPR) – Key action points for HR practitioners
HR professionals have control over some of the most sensitive personal information an organisation holds… Read more David Fardell
Managing Director (BGS) 4 Contact us 6
© 2018 Buzzacott LLP All rights reserved   |   
Sign up to our mailing list   |    Anti-slavery statement
Privacy policy   |    Accessibility   |   Transparency report   |   Gender pay gap report   |   Diversity and inclusion   |   Cookies   |   Legal
close back
Your search for "..."
did not yield any results.
... results for "..."
Search Tags
We use cookies for the best experience on our website and also to analyse web traffic. For more information see our Cookie notice. By clicking accept all you agree to our use of cookies. To alter the types of cookies we use click “Cookie settings”.
Accept all Cookie settings
Our use of cookies

We use necessary cookies to make our site work. We’d also like to set optional analytics and marketing cookies. We won't set these cookies unless you choose to turn these cookies on. Using this tool will also set a cookie on your device to remember your preferences.

For more information about the cookies we use, see our Cookies page.

Please be aware:

— If you delete all your cookies you will have to update your preferences with us again.
— If you use a different device or browser you will have to tell us your preferences again.

Necessary cookies
Always active

Necessary cookies help make a website usable by enabling basic functions like page navigation and access to secure areas of the website. The website cannot function properly without these cookies.

rc::a
Persistent
This cookie is used to distinguish between humans and bots. This is beneficial for the website, in order to make valid reports on the use of their website.
rc::c
Expires: Session
This cookie is used to distinguish between humans and bots.
PHPSESSID
Expires: Session
Preserves user session state across page requests.
Analytics cookies
Inactive

Analytics cookies help us to understand how visitors interact with our website by collecting and reporting information anonymously.

_dc_gtm_UA-#
Expires: 1 day
Used by Google Tag Manager to control the loading of a Google Analytics script tag.
_ga
Expires: 2 years
Registers a unique ID that is used to generate statistical data on how the visitor uses the website (Google Analytics).
_gat
Expires: 1 day
Used by Google Analytics to throttle request rate.
_gid
Expires: 1 day
Registers a unique ID that is used to generate statistical data on how the visitor uses the website (Google Analytics).
collect
Expires: Session
Used to send data to Google Analytics about the visitor’s device and behaviour. Tracks the visitor across devices and marketing channels.
_hjClosedSurveyInvites
Expires: 1 year
Hotjar cookie that is set once a visitor interacts with a Survey invitation modal pop-up. It is used to ensure that the same invite does not reappear if it has already been shown.
_hjDonePolls
Expires: 1 year
Hotjar cookie that is set once a visitor completes a poll using the Feedback Poll widget. It is used to ensure that the same poll does not reappear if it has already been filled in.
_hjMinimizedPolls
Expires: 1 year
Hotjar cookie that is set once a visitor minimised a Feedback Poll widget. It is used to ensure that the widget stays minimised when the visitor navigates through your site.
_hjIncludedInSample
Expires: 1 year
Hotjar cookie that is set to let Hotjar know whether that visitor is included in the sample which is used to generate Funnels.
_hjShownFeedbackMessage
Expires: 1 year
Hotjar cookie that is set when a visitor minimised or completes Incoming Feedback. This is done so that the Incoming Feedback will load as minimised immediately if the visitor navigates to another page where it is set to show.
_hjid
Expires: 1 year
Hotjar cookie that is set when the customer first lands on a page with the Hotjar script. It is used to persist the Hotjar User ID, unique to that site on the browser. This ensures that behavior in subsequent visits to the same site will be attributed to the same user ID.
_hjRecordingLastActivity
Expires: Session
This should be found in Session storage (as opposed to cookies). This gets updated when a visitor recording starts and when data is sent through the WebSocket (the visitor performs an action that Hotjar records).
_hjTLDTest
Expires: Session
When the Hotjar script executes we try to determine the most generic cookie path we should use, instead of the page hostname. This is done so that cookies can be shared across subdomains (where applicable). To determine this, we try to store the _hjTLDTest cookie for different URL substring alternatives until it fails. After this check, the cookie is removed.
_hjUserAttributesHash
Expires: Session
User Attributes sent through the Hotjar Identify API are cached for the duration of the session in order to know when an attribute has changed and needs to be updated.
_hjCachedUserAttributes
Expires: Session
This cookie stores User Attributes which are sent through the Hotjar Identify API, whenever the user is not in the sample. These attributes will only be saved if the user interacts with a Hotjar Feedback tool.
_hjLocalStorageTest
Expires: 100ms
This cookie is used to check if the Hotjar Tracking Script can use local storage. If it can, a value of 1 is set in this cookie. The data stored in_hjLocalStorageTest has no expiration time, but it is deleted almost immediately after it is created.
_hjIncludedInSample
Expires: Session
Session cookie which is destroyed when user leaves the Hotjar site.
_gcl_au
Expires: 3 months
Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.
ads/ga-audiences
Expires: Session
Used by Google AdWords to re-engage visitors that are likely to convert to customers based on the visitor's online behaviour across websites.
Marketing cookies
Inactive

Marketing cookies are used to track visitors across websites. The intention is to display ads that are relevant and engaging for the individual user and thereby more valuable for publishers and third party advertisers.

Category
Expires: 2 months
Used to remember your area of interest on Buzzacott.co.uk / Buzzacott.hk.
Cookie management
Use of cookies Necessary cookies Analytics cookies Marketing cookies Allow all Save settings
Use of cookies Necessary cookies Analytics cookies Marketing cookies
Accept all Save settings