New Mums Service Bounty Fined £400,000 For Unlawfully Sharing Personal Data

  • Post author:
  • Post category:News
  • Post comments:0 Comments
  • Reading time:3 mins read

Bounty (UK) Ltd, the pregnancy and parenthood support service, has been fined by the Information Commissioner’s Office for illegally sharing the personal information of approximately 14 million people.

An investigation by the ICO found that the company had collected the information for the overarching purpose of membership lead generation – predominantly through its digital products online and via their app. However, they also collated information from merchandise packs given to new mothers at their bedside which came without marketing opt-in consent forms.

The information was then shared with numerous organisations – from Equifax to Sky – without being fully clear about the type of campaigns these organisations were going to undertake. The company breached the Data Protection Act of 1998 by sharing personal information without being wholly clear about the end-result usage and therein having the correct opt-in consent from the individual.

According to the ICO:

“The number of personal records and people affected in this case is unprecedented in the history of the ICO’s investigations into data broking industry and organisations linked to this.

Bounty were not open or transparent to the millions of people that their personal data may be passed on to such large number of organisations. Any consent given by these people was clearly not informed. Bounty’s actions appear to have been motivated by financial gain, given that data sharing was an integral part of their business model at the time. 

Such careless data sharing is likely to have caused distress to many people, since they did not know that their personal information was being shared multiple times with so many organisations, including information about their pregnancy status and their children”

The moral of the story? Always make sure you follow data protection rules (especially in this post-GDPR landscape) and that you get opt-in agreement from your customers to use the information in whatever way you have agreed consent. If you need to find out more about opt-in marketing consent, the ICO have this great marketing guide for SMEs looking to stay on the right side of the law!

Leave a Reply