The Information Commissioner’s Office (ICO) has fined Everything DM Ltd (EDML), based in Stevenage, £60,000 for sending 1.42 million emails without consent.

The investigation found that, between May 2016 and May 2017, the firm used its direct marketing system called ‘Touchpoint’ to send emails on behalf of its clients for a fee.

Those emails gave the impression they were sent by the clients directly, and EDML couldn’t prove that the recipients’ had ever given consent to receive marketing emails from its clients or itself.

The investigation revealed that EDML relied on the consent of third parties but didn’t take reasonable steps to make sure the data complied with the Privacy and Electronic Communications Regulations (PECR).

ICO Director of Investigations, Steve Eckersley, said:

“Firms providing marketing services to other organisations need to double-check whether they have valid consent from people to send marketing emails to them. Generic third party consent is not enough and companies will be fined if they break the law.”

The ICO has also served an Enforcement Notice on EDML requiring them to comply with PECR in the future.


GDPR Summit Series is a global series of GDPR events which will help marketers to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond. Further information and conference details are available at http://www.gdprsummit.london/


comments powered by Disqus