Morrisons supermarket chain fined for flouting customers’ marketing wishes

A national supermarket chain has been fined for breaking the law on how people’s personal information should be treated when sending marketing emails.

An investigation by the Information Commissioner’s Office (ICO) found WM Morrison Supermarkets PLC (“Morrisons”) deliberately sent 130,671 emails to people who had previously opted out of receiving marketing related to their Morrisons More card.

The emails, sent in October and November 2016, were titled ‘Your Account Details’ and invited customers to change their marketing preferences to start receiving money off coupons, extra More Points and the ‘latest news’ from Morrisons.

Deputy Commissioner Simon Entwisle said:

“It is vital that the public can trust companies to respect their wishes when it comes to how their personal information is used for marketing.

“These customers had explicitly told Morrisons they didn’t want marketing emails about their More card. Morrisons ignored their decision and for that we’ve taken action.”

Morrisons, headquartered in Bradford, has been fined £10,500 for breaking the Privacy and Electronic Communication Regulations (PECR).

A new data protection law comes into force next year that sets a high bar for the consent organisations must obtain from customers before using their personal data for marketing.

The ICO has published detailed guidance for firms carrying out direct marketing by phone, text, email, post or fax.


The inaugural Data Protection World Forum (DPWF) will be held on November 20th & 21st 2018 at the ExCeL London which will provide a broader focus across the data protection and privacy space amidst the progressive tightening of global data protection laws.

Ahead of the end of year event, DPWF has launched a series of intensive workshops.

Further information on the DPWF and workshop details are available at: https://www.dataprotectionworldforum.com/