SportsDirect.com Retail Limited – €81,900 Fine (United Kingdom, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
SportsDirect.com Retail Limited was fined for sending marketing emails without having proper consent from recipients. The UK Information Commissioner's Office found that the company couldn't prove it had valid consent for many of the emails sent. This case underscores the importance of maintaining clear records of consent for marketing communications.
What happened
SportsDirect.com Retail Limited sent marketing emails without having valid consent from recipients.
Who was affected
Individuals who received marketing emails from SportsDirect.com without having given clear consent.
What the authority found
The Information Commissioner's Office found that SportsDirect.com violated regulations by failing to demonstrate valid consent for sending marketing emails.
Why this matters
This ruling highlights the necessity for businesses to keep detailed records of consent for marketing activities. It serves as a reminder that companies must ensure compliance with privacy regulations to avoid penalties.
National Law Articles
SportsDirect.com Retail Limited ('SportsDirect') is a sports retailer in the UK. It was the subject of various complaints via the UK DPA's online reporting tool in relation to unsolicited communications between December 2019 and February 2020. The ICO started an investigation on the basis of these complaints. SportsDirect outlined that the personal data it used for direct marketing was obtained directly from customers after having given their consent. SportsDirect considered the direct marketing sent to individuals who complained to be a "re-engagement campaign". They claimed that these individuals had opted in to receiving marketing emails (and didn't unsubscribe). The emails sent amounted to a total of 459,882,124 emails, 2,565,513 of which were received as part of the "re-engagement campaign". SportsDirect claimed to rely on a soft opt-in for 7 of the 12 complainants, and stated that it collected consent directly from 3 others. It did not have a record of having sent marketing to 1 complaints and had recently erased the data of another shortly after they complained. During the investigation, the ICO uncovered that SportsDirect continued to send messages to customers signed up to a specific scheme even after the scheme had ended. SportsDirect claimed this to be on the basis of legitimate interest for the ex-members of the scheme. Throughout the investigation, SportsDirect cited the challenges it faced to gather the information requested by the ICO. The ICO responded that some of the information, such as legal bases should be readily available to data controllers. The Information Commissioner's Office (ICO) held that SportsDirect infringed Regulation 22 of Privacy and Electronic Communications (EC Directive) Regulations 2003 (hereafter PECR). 2,565,513 direct market emails sent by SportsDirect were received by subscribers. However, SportsDirect was unable to demonstrate evidence that it had valid consent to send these marketing emails. The ICO did not consider
Related Enforcement Actions (0)
No other enforcement actions found for SportsDirect.com Retail Limited in UK
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
13 September 2021
Authority
Information Commissioner's Office
Fine Amount
€81,900
70,000 GBP
GDPRhub ID
gdprhub-4029About this data
Cite as: Cookie Fines. SportsDirect.com Retail Limited - United Kingdom (2021). Retrieved from cookiefines.eu
Last updated: