Updated guidance released on how businesses should collect customer details
At the time of the Prime Minister’s statement, there were a number of question marks over how this would be compatible with data protection law, which the ICO has sought to clarify in its most recent guidance.
Following on from our recent article “Relaxation of lockdown: new guidance requires restaurants, bars and other businesses to collect customer details” published last week, the Information Commissioner’s Office (“ICO”) has published supplemental guidance for those businesses that will be asked to collect customer details when opening from tomorrow onwards.
When the initial announcement was made by the Prime Minister that bars, restaurants, cafes and businesses such as hairdressers would be allowed to open from Saturday 4 July 2020, one of the many caveats was that these businesses should collect the contact details of any customers visiting the business’ premises. The need for such businesses to collect this data is on the basis that it will be necessary to support the NHS Test and Trace system.
At the time of the Prime Minister’s statement, there were a number of question marks over how this would be compatible with data protection law, which the ICO (as the independent regulator responsible for governing data privacy rights of individuals) has sought to clarify in its most recent guidance. The broad message for businesses is as follows:
Ask for only what is necessary
This is as set out in the Government’s guidance and includes details such as the individual’s name, contact details and date and time of arrival at the premises. It also includes the details of any staff that are working on a particular day. Whilst it had been thought that businesses may have been required to collect a person’s ID, this does not appear to be the case.
Be transparent with customers
This accords with one of the main principles of data protection requiring businesses to inform data subjects what their data will be used for and why it is necessary. A simple onsite notice, as suggested in our previous article, or website statement would satisfy this requirement so that a business’ employees do not have to inform every single customer personally. Any privacy notice must also set out that personal data may be disclosed to the NHS for the purposes of contact tracing.
Carefully store the data
As with other data collected or processed by these businesses, it should be stored in a way that is secure, digitally or otherwise.
Do not use the data for other purposes
The data that is collected for the purposes of contract tracing cannot be used for any other purpose. For example, businesses cannot add customer details to their direct marketing list.
Erase the data in line with government guidance
Businesses must not keep customer data for longer than 21 days after collection. Erasure should be conducted in a secure manner to prevent others from using the data.
It would appear from the above that the ICO has tried to keep things simple for businesses and to encourage a common sense approach. It has not sought to impose any “new” practices, but has instead re-stated existing data protection principles. For those businesses that are re-opening and will be collecting data for NHS Test and Trace purposes, it will be important to have in mind the data privacy rights of individuals during the collection process.
Further Government guidance provides that individuals will be able to refuse to share their data for the purposes of NHS Test and Trace if they wish. Where data is collected, businesses will only be required to share it with NHS Test and Trace when requested.
For full ICO guidance, see here.
If you have any questions or queries on how best to approach such guidance and re-open, please contact the Data Protection Team at Leathes Prior on 01603 610911 or by email.
Note: The content of this article is for general information only and does not constitute legal advice. Specific legal advice should be taken in any specific circumstance.
Autumn Budget 2025: Agricultural Property Relief & Business Property Relief Changes
It was announced in the 2025 Budget that from 6 April 2026, changes will be made to agricultural property relief and business property relief. These changes bring APR and BPR in line with the nil-rate band rules, meaning unused allowances can be transferred to a surviving spouse or civil partner. This is a significant step towards making estate planning easier for families who own farms or businesses.
The Employment Rights Act 2025 is expected to come into force tomorrow (18 December 2025)
After an extended period of back-and-forth amendments between Parliament and the House of Lords, on 16 December 2025, the ERB finally received approval from the House of Lords, with the formality of Royal Assent due to take place tomorrow (18 December 2025). Head of LP Employment, Dan Chapman, explains...
Autumn Budget 2025: Agricultural Property Relief & Business Property Relief Changes
It was announced in the 2025 Budget that from 6 April 2026, changes will be made to agricultural property relief and business property relief. These changes bring APR and BPR in line with the nil-rate band rules, meaning unused allowances can be transferred to a surviving spouse or civil partner. This is a significant step towards making estate planning easier for families who own farms or businesses.
The Employment Rights Act 2025 is expected to come into force tomorrow (18 December 2025)
After an extended period of back-and-forth amendments between Parliament and the House of Lords, on 16 December 2025, the ERB finally received approval from the House of Lords, with the formality of Royal Assent due to take place tomorrow (18 December 2025). Head of LP Employment, Dan Chapman, explains...
Charity of the Month: The Matthew Project
Leathes Prior is delighted to be supporting The Matthew Project as our Charity of the Month for December 2025. The Matthew Project supports young people and adults across Norfolk, Suffolk, and Essex to overcome issues around drugs, alcohol, and mental health, empowering them to rebuild confidence and lead fulfilling lives.
Leathes Prior’s Milan Pandit appointed President of the Norfolk & Norwich Law Society
Leathes Prior Solicitors is proud to announce that Milan Pandit, Solicitor in our Corporate & Commercial Team, has been appointed President of the Norfolk & Norwich Law Society (NNLS) for 2025/26.
Commercial Lease Renewals: A guide for Landlords & Tenants
Commercial lease renewals are a topic that every commercial landlord and business that rents commercial premises should have at the forefront of their minds. It is essential for good succession planning, though it is often neglected until the expiry of an existing lease term is looming or once the existing term has come to an end and the tenant is holding over. In this article, our newly qualified solicitor, Maggie Berry explores the process that landlords and tenants can expect when navigating this complex area of law.
Our Guidance, Your Legacy: What is a Will, and why should I make one?
Not only is a Will one of the most important steps you can take to protect your loved ones and ensure your wishes are respected, but it also limits the likelihood of a claim/dispute following your death. To ensure your loved ones and the causes you care about benefit from your estate, a Will is essential to ensuring this happens. Find out more in this article.
Lease extensions: The essentials to getting started
Extending your lease can seem complex, but taking the right steps early can make the process much smoother. Jake Mowatt, Associate and Harry Smith, Trainee Solicitor in our Residential Property Team outlines the key essentials every leaseholder should understand prior to extending their lease.
Upcoming changes to bringing employment law claims: What these mean for you
The highly anticipated Employment Rights Bill (ERB) is set to increase the time limits in which employees can bring an employment tribunal claim. Gareth Stevens & Rose Woolterton explain what this means for employers & employees.
Service Charges in Residential Leases: FAQs
Service charges are forever a hot topic in the world of property disputes, and it remains one of the most contentious areas between freeholders and leaseholders, particularly in long residential leases. Danny Turpin, Associate, discusses frequently asked questions regarding service charges on long residential leases.
Leathes Prior winners in nine categories in the prestigious Legal 500 Future Laywer Survey
We are thrilled to announce that the firm has placed once again in the Legal 500 Future Lawyer survey as No.1 in the UK for our Social Life; a ranking we have held in the survey for seven years out of the past nine years.
Jess’s Rule – New Guidelines for GPs
A new initiative is being rolled out across GP practices across England in the hope of preventing serious illnesses being missed by GPs where patients present with the same, or deteriorating, symptoms on multiple occasions. Kimberley Nelson in our Personal Injury & Clinical Negligence Team discusses new guidelines for GPs.
Leathes Prior are excited to announce that four Trainee Solicitors qualify at the firm
Leathes Prior is excited to announce that four of our amazing trainees, Eleanor Chapman, Maggie Berry, Alex Robinson, and Georgia Sartin, have successfully completed their training contracts and are now qualifying as Solicitors at the firm.
