You will have seen the QR codes on the outside of cafés, restaurants, gyms and the like, and you will probably have scanned them to check in to a venue with the NHS COVID-19 app.
However, some private contract tracing providers were established alongside the official one, and the ICO has just fined one of these for sending 84,000 nuisance emails to people who used it.
TML was fined £8,000 for using personal data for marketing without adequate valid consent, and this is against the law.
The ICO reports the story and adds detail here, but we can all learn from it. In order to send marketing emails to individuals you must have adequate consent, and be able to demonstrate that you have it if challenged.
If you collect customer and visitor details, check out the ICO’s 5 steps to take; and if you are unsure how you would demonstrate compliance when sending marketing emails, get in touch with us, or book a free 20-minute insight call to talk through any questions.