The Information Commissioner’s Office (ICO) stated last week that a UK catalog retailer has been hit with a £1.5m fine issued by the information regulator. According to the ICO, the company Easylife breached data protection and marketing laws when it shared the personal information of its customers. In addition, the company targeted its customers with health-related products by using their personal information without consent. Easylife is one of the largest home and garden retailers in the UK, and it also offers products and services related to health.

Easylife allegedly used shopping history and purchase information to make assumptions about customer health and then marketed these products to them. For example, if a shopper purchased a jar opener or dinner tray, the firm would infer that the customer had arthritis and would follow up with marketing attempts to push glucosamine joint patches. This type of data processing is illegal under the GDPR and requires the firm to obtain informed consent in these situations. In addition, Easylife reportedly made over 1.3 million unwanted marketing calls to people registered with the Telephone Preference Service, which opts them out of these types of calls.

Read More: Retailer Easylife Fined £1.5m for Data Protection Breaches