Morrisons supermarket chain fined for flouting customers’ marketing wishes

A national supermarket chain has been fined for breaking the law on how people’s personal information should be treated when sending marketing emails.

An investigation by the Information Commissioner’s Office (ICO) found WM Morrison Supermarkets PLC (“Morrisons”) deliberately sent 130,671 emails to people who had previously opted out of receiving marketing related to their Morrisons More card.

The emails, sent in October and November 2016, were titled ‘Your Account Details’ and invited customers to change their marketing preferences to start receiving money off coupons, extra More Points and the ‘latest news’ from Morrisons.

Deputy Commissioner Simon Entwisle said:

“It is vital that the public can trust companies to respect their wishes when it comes to how their personal information is used for marketing.

“These customers had explicitly told Morrisons they didn’t want marketing emails about their More card. Morrisons ignored their decision and for that we’ve taken action.”

Morrisons, headquartered in Bradford, has been fined £10,500 for breaking the Privacy and Electronic Communication Regulations (PECR).

A new data protection law comes into force next year that sets a high bar for the consent organisations must obtain from customers before using their personal data for marketing.

The ICO has published detailed guidance for firms carrying out direct marketing by phone, text, email, post or fax.


GDPR Summit Series is a global series of GDPR events which will help businesses to prepare to meet the requirements of the GDPR ahead of May 2018 and beyond.

Further information and conference details are available at http://www.gdprsummit.london/