The Information Commissioners Office (ICO) for Data Protection has gained new enforcement powers and the capability to fine companies up to £500,000 for breaches of the Data Protection Act. In light of recent scandals involving hacking, personal data and security breaches the implications could be severe.

But some companies in the window industry could already be breaching ICO rules. In broad terms any company that electronically holds personal data is required to register as a Data Controller with the ICO (some not-for-profit organisations are exempt).

This includes prospect data that you buy-in or use if the database contains records that are sole traders or partnerships, or contains email addresses that can identify a living person.

At Insight Data we recently had a gruelling audit from the Direct Marketing Association (DMA), of which we are an accredited member. We were shocked to learn that some prospect data suppliers have avoided registering as a Data Controller for years, committing a criminal offence.

It has subsequently come to light following several phone calls to our office, that as of 25th July 2011 Insight Data is the only specialist supplier of prospect data to the window and conservatory industry that is a registered Data Controller with the Information Commissioners Office.

However, we are delighted to report that following a Report to the ICO and our campaign to shame illegally trading suppliers, some of them have now registered, despite trading unlawfully for many years.

If any companies are unsure about the ICO and would like details on registering as a Data Controller, please speak to our Data Compliance Officer David Lewis, who will be happy to give some guidance.

For more information, you can call us on 01934 808293 or send us an online message.