Food delivery company HelloFresh has been fined £140,000 by the Information Commissioner’s Office (ICO) for sending over 80 million spam messages to customers over a seven-month period.
An investigation by the ICO found that 79 million emails and 1 million texts sent by the recipe box firm “lacked proper consent” as customers were not aware they had opted in to receive the marketing messages.
The ICO found that the text messages were sent based on an opt-in statement that did not make any reference to the sending of marketing via text.
Meanwhile, despite there being a reference to receiving emails, the option to opt-in was included in an age confirmation statement which was likely to “unfairly incentivise customers to agree”.
Subscribe to Grocery Gazette for free
Sign up here to get the latest grocery and food news each morning
The regulatory body discovered that customers were not adequately informed their data would continue to be used for marketing purposes for up to 24 months after cancelling their subscriptions.
The ICO added that HelloFresh had persistently continued to contact some individuals even after they had requested to stop receiving the messages.
ICO head of investigations Andy Curry said: “This marked a clear breach of trust of the public by HelloFresh. Customers weren’t told exactly what they’d be opting into, nor was it clear how to opt out.
“From there, they were hit with a barrage of marketing texts they didn’t want or expect, and in some cases, even when they told HelloFresh to stop, the deluge continued.”
The ICO started its investigation of the food delivery service last March after receiving nearly 9,000 complaints via its website and 7726 spam reporting messaging service.