The ICO exists to empower you through information.

Show your customers you care – about their information rights – this Valentine’s Day.

That’s the message from the Information Commissioner’s Office (ICO), the UK regulator for data protection, at what is often a busy time for those in the beauty and wellbeing trade.

Most small businesses in this sector have information about people. This could be customer appointment or payment details, sensitive information about their allergies, staff details, or supplier contacts. 

Information rights laws are in place to ensure that people’s details are handled in a safe and lawful way.

“Looking after people’s information shows them they can trust your business and that you care about handling their information with respect. At the ICO we understand that smaller businesses tend to have less time and resources to spend on data protection, so it’s key that our services are quick and easy for them to use and help make data protection simple and stress free.”

- Faye Spencer, Head of Business Services

The ICO’s web hub for small organisations has lots of data protection advice. It includes short video guides, practical checklists, and tools to help small businesses with a range of things such as checking if they need to register with the ICO, creating a privacy notice and keeping people’s data secure. 

There’s also a new simple beginners guide to data protection with useful quick tips to help small businesses get started on their data protection journey, or to help them review their existing practices. 

A team of helpful advisors are available via live chat or the telephone helpline to answer with any data protection questions or offer additional support. 

For more information go to our hub for Advice for small organisations

Notes to editors
  1. The Information Commissioner’s Office (ICO) is the UK’s independent regulator for data protection and information rights law, upholding information rights in the public interest, promoting openness by public bodies and data privacy for individuals.
  2. The ICO has specific responsibilities set out in the Data Protection Act 2018 (DPA2018), the United Kingdom General Data Protection Regulation (UK GDPR), the Freedom of Information Act 2000 (FOIA), Environmental Information Regulations 2004 (EIR), Privacy and Electronic Communications Regulations 2003 (PECR) and a further five acts and regulations.
  3. The ICO can take action to address and change the behaviour of organisations and individuals that collect, use, and keep personal information. This includes criminal prosecution, non-criminal enforcement and audit.
  4. To report a concern to the ICO telephone call our helpline on 0303 123 1113, or go to ico.org.uk/concerns.