Skip to content

Four Reasons to Limit Customer Data Collection in England

Table of Contents

Your company will typically handle a significant amount of data, including your own confidential business information and the personal data of customers and clients. Limiting the data you collect is essential to avoid breaching data protection rules. Notably, the General Data Protection Regulation (GDPR) sets out rules on using customer data, and the Information Commissioner’s Office (ICO) enforces them in England. It is vital to follow the rules relating to customer data collection as the ICO can issue fines to organisations that do not meet their obligations. This article will explore four key reasons to limit customer data collection in England and how your organisation can avoid ICO fines.

Compliance With the GDPR

Your business must avoid intentional breaches of data protection rules. Many of the rules relate to customer data. Some examples include your organisation: 

  • only obtains customer data for lawful purposes;
  • only retains customer data as long as necessary;
  • handles personal customer information  fairly, lawfully and transparently; and
  • avoids collecting customer data that is excessive, irrelevant or not for the stated collected purpose. 

Ultimately, you can only collect necessary customer data (for example, their postal address) and must explain why you require this information (for example, to deliver a product by post). Conversely, you may struggle to justify requiring a  customer’s national insurance number when they have only ordered a one-off purchase for postal delivery.

The ICO can hand down financial fines of up to £17.5m for breaching the GDPR, presenting a significant financial deterrent to companies against storing more customer data than permitted under data protection rules.

Less Maintenance and Cost

Your organisation must protect customer information as part of its data privacy obligations. This involves keeping sensitive data secure and ensuring storage systems are regularly maintained. 

Limiting customer data collection means you have less to maintain. Additionally, it is more economically efficient due to reduced IT equipment and server requirements. A helpful example is the use of CCTV on your premises. CCTV footage utilises a significant amount of electronic storage and electricity to function. You can significantly reduce maintenance and costs by reducing the CCTV system from four cameras to one camera.  

Continue reading this article below the form
Need legal advice?
Call 0808 196 8584 for urgent assistance.
Otherwise, complete this form and we will contact you within one business day.

Less Information to Lose in a Cyber Attack

Additionally, businesses must be aware of the risk of cyber-attacks and take preventative measures to avoid data breaches. Whilst a locked door reduces the theft of physical data, cyber attacks can allow third parties to access digital information. 

Holding less customer information reduces the data lost in a successful cyber attack. This is akin to a business not storing cash on their premises overnight in case intruders break in.

Easier and Quicker to Securely Delete

Customer data is often stored in two forms: digital and physical. 

1. Physical

Retaining fewer customer records, such as printed documents, will reduce the storage costs and subsequent time and effort to destroy documents securely. 

2. Digital

Holding greater quantities of information often requires multiple storage devices and backup devices. This increases the complexity of finding data when required. Retaining minimal data makes it easier to locate and delete information.

Safe deletion of physical and digital information is an essential requirement of the GDPR, as your organisation needs to ensure other parties cannot recover customer information.

Key Takeaways

Limiting the customer information your business stores effectively limits the impacts of data breaches, helping your business comply with the GDPR. Compliance will also ensure your business avoids ICO fines. By storing minimal customer data, your business can reduce maintenance costs and data loss in a cyber attack. Furthermore, you can quickly and efficiently delete information when required. 

If you need help with data protection requirements and safe storage of customer information, our experienced Data, Privacy and IT lawyers can assist as part of our LegalVision membership. For a low monthly fee, you will have unlimited access to lawyers to answer your questions and draft and review your documents. Call us today on 0808 196 8584 or visit our membership page.

Frequently Asked Questions

Are there limits on how long my company can keep customer data?

Yes, you should only store customer personal information for as long as necessary.  The technical test is to delete data once it fulfils its intended purpose and is of no further use.

What is customer information?

Customer information is anything that can identify your customers such as their date of birth, email address or postal address. This information is protected under the GDPR because it relates to an identifiable person and a third party may use this information against them.

Register for our free webinars

Protecting and Enforcing Your Brand

Online
Protect your brand from misuse and infringement. Register for our free webinar.
Register Now

Deal Structures 101: Understanding Equity, ASAs and Convertible Notes

Online
As a startup founder, understand your capital raising options. Register for our free webinar today.
Register Now

Common Legal Pitfalls for SaaS and Online Businesses

Online
Protect your online or SaaS business from common legal pitfalls. Register for our free webinar.
Register Now

GDPR Compliance Essentials for SMEs

Online
Ensure our business is compliant with GDPR and build trust with customers. Register for our free webinar.
Register Now
See more webinars >
Thomas Sutherland

Thomas Sutherland

Read all articles by Thomas

About LegalVision

LegalVision is an innovative commercial law firm that provides businesses with affordable, unlimited and ongoing legal assistance through our membership. We operate in Australia, the United Kingdom and New Zealand.

Learn more

We’re an award-winning law firm

  • Award

    2024 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2024 Law Firm of the Year Finalist - Modern Law Private Client Awards

  • Award

    2023 Economic Innovator of the Year Finalist - The Spectator

  • Award

    2023 Law Company of the Year Finalist - The Lawyer Awards

  • Award

    2023 Future of Legal Services Innovation - Legal Innovation Awards