Food delivery company HelloFresh is nursing a £140,000 fine by Britain's data privacy watchdog after a probe found it had dispatched upwards of a staggering 79 million spam email and one million texts in just seven months.
The meal-kit company provides weekly packages of premeasured ingredients with recipes so customers can prepare their own meals rather than winging it at the grocery store.
The Information Commissioner's Office says the company claimed messages were based on an opt-in statement, yet this statement did not include any reference to the sending of marketing messages via text.
Customers weren't give ample information that their data would be used for marketing messages for up to two years after they'd cancelled their HelloFresh subscription, the regulator added.
The investigation discovered that between August 23, 2021 and February 23, 2022, HelloFresh hit send on 80,993,013 messages, including 79,779,279 emails and 1,113,734 texts to subscribers.
These were sent in contravention of Regulation 22 of the Private Electronic Communications Regulations.
The ICO says it was made aware of the spams issue after receiving complaints from recipients on its reporting service.
It also found that even after people had asked HelloFresh to cease and desist, the spams continued.
The company was served with a £140,000 fine for breaking PECR, taking the number of fines handed to spammers to £2.44 million since April last year.
This Cyber News was published on go.theregister.com. Publication date: Fri, 12 Jan 2024 11:43:05 +0000