Do I need to register with the ICO?

UK companies who collect, store, or process personal data may need to register with the ICO however registration is not always necessary and there are several exemptions which may apply. Where applicable registration is a legal obligation and the ico can issue pretty serious fines if you fail to register and pay the appropriate fee.  The registration fee varies depending how many employees you have and your turnover – most SMEs pay £40 but fees for larger companies are much higher.

You can check to see if you need to register here: https://ico.org.uk/for-organisations/data-protection-fee/self-assessment/

… and if you do not need to register you should claim an exemption here: https://ico.org.uk/for-organisations/data-protection-fee/exemptions/

It is important that if you are claiming an exempt that you does actually register your exemption using the link above, otherwise the ico will send you threatening letters!

It is difficult to quantify the value of registering [other than it is the law], I always recommend registration even if the company is exempt as it demonstrates a level of commitment to data protection and a willingness to be contacted. So our recommendation is that you should register – even if technically – you are exempt.

Don’t forget that you should also register your Data Protection Officer if you have one – you can register them at:   https://ico.org.uk/for-organisations/data-protection-fee/your-data-protection-officer-is/

If you are not sure whether you have already registered you can check here: https://ico.org.uk/about-the-ico/what-we-do/register-of-fee-payers/

Hope this helps.

Feel free to talk to us about any of this.

GDPRLocal team