The National Society for the Prevention of Cruelty to Children was fined £12,000 for failing to follow data protection rules.
What they did
- Between 2014 and 2015, the NSPCC used a form to collect the personal data of supporters. The form did not provide information about the information being used for marketing by telephone and mail. In total, 22,608 people had their details unfairly collected in this way.
- Finding information about you, that you didn’t provide
Between 2010 and 2016, the NSPCC used this approach to matched telephone number to 246,751 supporters’ records. It also matched 115,741 email addresses to supporters’ records.
In 2014, the NSPCC wealth screened more than 5,870,135 records.
- The ICO investigation also raised concerns around marketing text messages the NSPCC sent in response to text messages making donations between 2014 and 2016.