- Latest available (Revised)
- Original (As made)
The Data Protection (Charges and Information) (Amendment) Regulations 2025
You are here:
- UK Statutory Instruments
- 2025 No. 63
- Whole Instrument
- Previous
- Next
What Version
Opening Options
More Resources
Status:
This is the original version (as it was originally made). This item of legislation is currently only available in its original format.
Statutory Instruments
2025 No. 63
DATA PROTECTION
The Data Protection (Charges and Information) (Amendment) Regulations 2025
Made
22nd January 2025
Laid before Parliament
27th January 2025
Coming into force
17th February 2025
The Secretary of State makes these Regulations in exercise of the powers conferred by sections 137(1) and 182(5) of the Data Protection Act 2018(1).
The Secretary of State makes these Regulations—
(a)
having regard to the matters specified in section 137(4) of that Act, and
(b)
after consultation in accordance with sections 138(1) and 182(2) of that Act.
Citation, commencement, extent and interpretation
1.—(1) These Regulations may be cited as the Data Protection (Charges and Information) (Amendment) Regulations 2025 and come into force on 17th February 2025.
(2) These Regulations extend to England and Wales, Scotland and Northern Ireland.
(3) In these Regulations, “the 2018 Regulations” means the Data Protection (Charges and Information) Regulations 2018(2).
Amendment of the Data Protection (Charges and Information) Regulations 2018
2. Regulation 3(1) of the 2018 Regulations is amended as follows—
(a)in sub-paragraph (a), for “£40” substitute “£52”;
(b)in sub-paragraph (b), for “£60” substitute “£78”;
(c)in sub-paragraph (c), for “£2,900” substitute “£3,763”.
Transitional and saving provision
3.—(1) Regulation 3(1) of the 2018 Regulations continues to have effect for a charge period without the amendments made by regulation 2 of these Regulations where—
(a)the charge period began within the period beginning with 18th February 2024 and ending immediately before these Regulations come into force, and
(b)the data controller has paid the charge to the Information Commissioner for that charge period.
(2) In paragraph (1), “charge period” and “data controller” have the same meanings as in the 2018 Regulations.
Chris Bryant
Minister of State
Department for Science, Innovation and Technology
22nd January 2025
Explanatory Note
(This note is not part of the Regulations)
The Data Protection (Charges and Information) Regulations 2018 (S.I. 2018/480) (“the 2018 Regulations”) set out the circumstances in which data controllers are required to pay a charge to the Information Commissioner. Regulation 2 of the 2018 Regulations requires a data controller to pay an annual charge to the Information Commissioner unless all of the processing by the data controller is exempt processing. Each annual period for which a charge must be paid is described as a “charge period”. Regulation 3 of the 2018 Regulations makes provision for the amount of the annual charge, prescribing three tiers of charges according to criteria relating to a data controller’s turnover and number of members of staff (or only members of staff, for a public authority). Charities and small occupational pension schemes are included in the lowest tier. The charge is reduced if a data controller pays the charge by direct debit.
These Regulations only make provision increasing the charges set out in the 2018 Regulations. The increases are less than the increase in the retail prices index since the 2018 Regulations were made.
Regulation 2 of these Regulations amends regulation 3(1) of the 2018 Regulations to increase the annual charges for each of the three tiers as described in regulation 3(2) of the 2018 Regulations. In particular—
(a)It increases the charge for tier 1 (micro organisations) from £40 to £52;
(b)It increases the charge for tier 2 (small and medium organisations) from £60 to £78;
(c)It increases the charge for tier 3 (large organisations) from £2,900 to £3,763.
Regulation 3 of these Regulations provides that the new charge does not apply for a charge period that is ongoing when these Regulations come into force if the data controller has already paid the fee for that charge period.
A full impact assessment has not been produced for this instrument as no, or no significant, impact on the private, voluntary or public sector is foreseen.
(1)
(2)
S.I. 2018/480, amended by paragraph 421 of Schedule 19 to the Data Protection Act 2018 and S.I. 2019/478. The 2018 Regulations were made under sections 108(1) and (5) and 110(6) of the Digital Economy Act 2017 (c. 30). Those sections were subsequently repealed by paragraph 224 of Schedule 19 to the Data Protection Act 2018. The 2018 Regulations now have effect as if they were made under section 137 of the Data Protection Act 2018 (see paragraph 26 of Schedule 20 to that Act).
Options/Help
Print Options
Official printed copies
PrintThe Whole Instrument
Legislation is available in different versions:
Latest Available (revised):The latest available updated version of the legislation incorporating changes made by subsequent legislation and applied by our editorial team. Changes we have not yet applied to the text, can be found in the ‘Changes to Legislation’ area.
Original (As Enacted or Made): The original version of the legislation as it stood when it was enacted or made. No changes have been applied to the text.
Opening Options
Different options to open legislation in order to view more content on screen at once
Explanatory Memorandum
Explanatory Memorandum sets out a brief statement of the purpose of a Statutory Instrument and provides information about its policy objective and policy implications. They aim to make the Statutory Instrument accessible to readers who are not legally qualified and accompany any Statutory Instrument or Draft Statutory Instrument laid before Parliament from June 2004 onwards.
More Resources
Access essential accompanying documents and information for this legislation item from this tab. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as enacted version that was used for the print copy
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- correction slips
- links to related legislation and further information resources
More Resources
Use this menu to access essential accompanying documents and information for this legislation item. Dependent on the legislation item being viewed this may include:
- the original print PDF of the as made version that was used for the print copy
- correction slips
Click 'View More' or select 'More Resources' tab for additional information including:
- lists of changes made by and/or affecting this legislation item
- confers power and blanket amendment details
- all formats of all associated documents
- links to related legislation and further information resources
All content is available under the Open Government Licence v3.0 except where otherwise stated. This site additionally contains content derived from EUR-Lex, reused under the terms of the Commission Decision 2011/833/EU on the reuse of documents from the EU institutions. For more information see the EUR-Lex public statement on re-use.