Do you fancy a £500,000 fine? No? We didn’t think so and neither do we. That’s why we recently reviewed all of our data and thought we would share the details so you won’t run the same risks.

Why did we do this?

Recently there has been a lot of news and a massive crack down on non-compliant outbound phone calls including Which? now taking up the mantel with their “Calling time on Nuisance calls” campaign. The government has pledged to increase focus on fining the source of non-compliant outbound phone calls and the ICO will be working closely with Ofcom and other agencies to trace the source of unsolicited calls via the network operators. Powers introduced several years ago enable them to force SMS and phone call providers to give up information on the entities making the unsolicited communications by tracing their phone lines or SIP accounts.

As the industry knows the majority of these rogue traders that indiscriminately phone households are based outside the EU and there are no effective measures in place to stop this from happening. The introduction of SIP calls and Voice Over IP has made it simpler for non-compliant companies from places like India and Africa to make unregulated sales calls to the UK. Many feel this new regulation will simply force more UK Call Centre Jobs outside the EU and increase these types of calls.

Calls from companies in the UK must be seen to be compliant and you must ensure the data you call has gone through a ‘fit for purpose’ due diligence check and ensure that it is both clean and accurate as well as being compliant. We all must be doing this if we want to keep this industry alive within the UK and keep our data safe.

What you can do

Below is a following checklist of things you and your data supplier need to be doing to make sure your both compliant:

Company and Date File Checks

  1. Make sure the companies you purchase data from are registered with the ICO, you can check their details here
  2. We would also recommend only dealing with companies registered with the DMA as they have their own set rules and revoke membership for companies who repeatedly breach them.  Search here
  3. If you are purchasing data for Electronic Communication as defined in Privacy and Electronic Communications Regulations (PECR) please make sure you check the opt-ins are legitimate by selecting a few records at random and asking for proof of opt-in (I.E. IP Address, Website and date or phone call recording depending on how it was collected).


Individual Data Record Checks

Name and Address Checks

  1. Have the address checked for accuracy and to ensure they have not gone away
  2. MPS Check
  3. Checked against the Deceased Register
  4. Do not contact vulnerable people
  5. General Data Accuracy Checks

Phone Numbers Checks

  1. TPS Check
  2. Maintain a DNC list and check against others lists by sharing removal requests with up line suppliers.
  3. Have the phone number checked to ensure it belongs to the Data Subject
  4. Check to see if the number has been reallocated to a new Subscriber (Mobile Goneaway Check)
  5. Check if the mobile number is live or dead. Dead numbers should be removed as these can be reallocated within as little as 6 months.


These are not exhaustive lists but will give you a good idea of what goes into make sure you are compliant. If you have any question about the above email, making the most of your data or compliance you can email us at