ICO GDPR enforcement: Charitable and voluntary
3 published UK ICO actions in the charitable and voluntary sector, 2 of them monetary penalties totalling £25,500. Each row links to the original ICO notice.
3
Actions
2
Monetary penalties
£25,500
Total fines
£12,750
Avg. per penalty
All recorded actions in Charitable and voluntary
| Date | Organisation | Action | Fine | Sector | Source |
|---|---|---|---|---|---|
| 24 Jun 2025 | Birthlink | Monetary penalty | £18,000 | Charitable and voluntary | ICO notice |
| 6 Mar 2024 | The Central Young Men's Christian Association | Monetary penalty | £7,500 | Charitable and voluntary | ICO notice |
| 6 Mar 2024 | The Central Young Men's Christian Association | Reprimand | — | Charitable and voluntary | ICO notice |
Source: ICO (Information Commissioner's Office) — Enforcement action. Contains public sector information licensed under the Open Government Licence v3.0. Showing 150 of 210 published actions, retrieved 2026-06-18. Figures are historical ICO outcomes presented neutrally and are not legal advice.
Other sectors
Marketing (20)Finance insurance and credit (19)Criminal justice (16)General business (16)Local government (11)Health (9)Utilities (8)Online technology and telecoms (5)Central government (4)Retail and manufacture (3)Education and childcare (2)Legal (2)Land or property services (1)Media (1)Monetary penalties, Criminal justice (1)Political (1)Transport and leisure (1)
FAQ
- How many ICO enforcement actions are recorded in the charitable and voluntary sector?
- This dataset records 3 UK ICO enforcement actions in the charitable and voluntary sector, of which 2 were monetary penalties. The remaining actions were reprimands, enforcement notices or prosecutions, which carry no ICO fine.
- What is the total of ICO fines in the charitable and voluntary sector?
- The monetary penalties recorded against charitable and voluntary organisations in this dataset total £25,500, an average of £12,750 per penalty. Figures are taken directly from published ICO Monetary Penalty Notices.
Stay off the ICO's enforcement list
GeraCompliance's fixed-scope GDPR sprint maps your data flows, finds your gaps against the same articles cited in these notices, and gives you a prioritised remediation plan — in days, not months.