The UK’s data protection regulator has fined food delivery company HelloFresh £140,000 for sending millions of spam emails and texts.
Over a seven-month period the recipe box firm sent 79 million spam emails and 1 million spam texts, according to the Information Commissioner’s Office (ICO).
The Gousto rival has been issued the fine because customers were not fully aware of what communications they were opting into.
“This marked a clear breach of trust of the public by HelloFresh,” said Andy Curry, head of investigations at the ICO.
“Customers weren’t told exactly what they’d be opting into, nor was it clear how to opt out. From there, they were hit with a barrage of marketing texts they didn’t want or expect, and in some cases, even when they told HelloFresh to stop, the deluge continued.
“In issuing this fine, we are showing that we will take clear and decisive action where we find the law has not been followed. We will always protect the right of customers to choose how their data is used.”
HelloFresh sent the spam messages between 23 August and 23 February 2022.
The ICO said it began the investigation in March 2022 after receiving complaints. A HelloFresh spokesperson said the ICO only received three complaints relating to emails.
“Customers are at the centre of everything we do and we take our data protection obligations extremely seriously,” the spokesperson said.
“We have worked closely with the ICO, we have carefully considered their feedback and have made changes to our SMS and email policy.”
Founded in 2011, the Berlin-headquartered launched in the UK in early 2012. It completed an initial public offering on the Frankfurt Stock Exchange in November 2017.