February 1, 2023
The ICO is the UK’s independent authority responsible for upholding the information rights in public interests and data privacy of individuals. To elaborate, the major aim of the ICO is to ensure that the rights of individuals over their own data is duly respected and protected. It further ensures that any business involved in the processing of the data should respect the rights of the individuals.
As an independent regulator, it oversees the different aspects of data protection like providing a forum to register complaints about any privacy concerns, facilitating registration of controllers, providing guidance on data protection and use of technology as well as taking action against those who violate the rights of data subjects or individuals.
The requirement of registration is mandatory as per regulation for every data controller who processes personal information. The ambit of the requirement is vast enough to cover most of the organisations in the UK as they assume the role of a controller in one form or the other at some point in business.
Unless exempt, every organisation has to pay a fee to the ICO to register and once registered the controller are required to renew their registration on annual basis. The failure to renew can attract a fine of up to £4,350.
The scope of the exemption from registration is limited in nature. There are a variety of processing activities for which you need not pay the data protection fees and register -
There are a variety of processing operations apart from these examples and so long as the processing remains with the limits prescribed by the regulation then there is no need to register. To confirm the exemption, use the ICO’s self-assessment tool.
If you have not paid the fees and have received a letter from the ICO you need to begin with identifying the tier in which your business fits in the three-tier scale explained hereunder -
The regulation lays down exceptions for charitable institutions and small occupational pension schemes which are only liable to pay Tier-1 fees irrespective of their size or turnover.
Once you have determined your tier and the respective fees then you can simply pay the fees here. You can avail of a £5 discount if you set up a direct debit.
The payment is done online on the ICO’s website. The first time users can swiftly complete the payment by keeping the following handy to fill the form:-
Once the payment is completed the ICO lists the details of the company in the data protection public register.
This article does not constitute legal advice in any form and only seeks to break down some of the main points set out by publicly available sources such as the ICO.
Ensure your policies are always up to date with Privasee, an AI powered GDPR compliance solution that does it all.