• Contact Us

Tempcover Ltd Fined - The Unintended Cost of Marketing

on Friday, 25 March 2022.

Between November 2019 and May 2020, 13 complaints were made against Tempcover for spam messages they 'did not consent to'. 12 were made via Mobile UK and one directly to the ICO.

How Tempcover Collected Customer Data

The ICO's investigation concluded that Tempcover failed to comply with Regulation 22 of the Privacy and Electronic Communications (EC Directive) Regulations 2003 (PECR), which makes it unlawful to use a customer's contact details to instigate unsolicited marketing communication without gaining their 'freely given' consent through a specific medium of communication or a soft opt-in mechanism. This is permitted under Regulation 22(3) PECR where customers have not specifically consented to email communication but the organisation collects the contact details for 'the marketing of similar goods and services' and 'provided that customers are given the ability to opt-out of that marketing'.Customers looking for an insurance quote on Tempcover's website were prompted to insert their details and agree to the terms and conditions and privacy policy without the ability to opt out of marketing campaigns. Tempcover therefore tried to use 'legitimate interest' as basis for their unlawful actions.

Marketing Without Consent

The ICO found that Tempcover's actions "essentially made agreement to marketing a condition of service" as they were automatically registered for SMS and emails when providing their contact details for the purpose of obtaining a quote. Their consent was not freely given. Therefore, legitimate interest could not be relied upon when consent to direct marketing was not freely given.

The inability to choose a preferred medium of communication for direct marketing purposes meant that consent was not 'specific' enough for PECR and could not be relied upon.

In its the decision to impose such a high fine, the ICO considered the aggravating factors that Tempcover would have financially benefitted from their marketing campaign and that it ought to have known the risks of unsolicited direct marketing as Tempcover had its own 'training materials which made specific reference to PECR and the need to comply with data protection legislation.' However, Tempcover's implementation of new measures allowing customers to opt out were considered as a mitigating factor by the ICO.

How to Avoid Incurring Such a Fine?

  • The customer's valid consent must be held or soft opt-in mechanisms must be in place. This means that customers must have the option to opt out of any direct marketing.
  • There must be the a specific and active choice that the customer can make between mediums of communications.
  • If there are internal training manuals specific to PECR and wider regulation, make sure it is followed.

For advice on best practice for collecting and using customer data, please contact Penny Bygrave in our Recruitment team on 07909 681572, or complete the form below.

Get in Touch

First name(*)
Please enter your first name.

Last name(*)
Invalid Input

Email address(*)
Please enter a valid email address

Please insert your telephone number.

How would you like us to contact you?

Invalid Input

How can we help you?(*)
Please limit text to alphanumeric and the following special characters: £.%,'"?!£$%^&*()_-=+:;@#`

See our privacy page to find out how we use and protect your data.

Invalid Input