What has been the response from the Competition and Markets Authority (CMA)?
The CMA is the government body that is responsible for protecting consumers from unfair trading practices. It has announced programme of work to investigate reports of businesses failing to respect cancellation rights during the Coronavirus pandemic.
Based on the complaints received by them from consumers, the CMA has identified three sectors of particular concern:
- Weddings and private events
- Holiday accommodation
- Nurseries and childcare providers
The CMA has expressed concern about the number of complaints that it has received about businesses seeking to retain deposits for cancelled events, undue restrictions being placed on use of vouchers provided for cancelled bookings, and payments being demanded to hold open nursery places.
The CMA has said it will prioritise investigation of these sectors, and then move on to other sectors.
Related FAQs
You also need to consider other aspects of data protection.
Be proportionate – only gather and use Covid-19 data where you need to.
Keep data to a minimum – you shouldn’t gather more data than you need. You need to know someone has Covid-19 but you don’t need to know all their symptoms. Data minimisation also applies to who gets access to the data. It’s unlikely that a spreadsheet, accessible to everyone updating them on the health status of all employees, would be appropriate. Data should be shared on a need to know basis. You need to balance the privacy of individuals against your duty of care to be responsible with regards to the data of your employees, visitors, customers and suppliers.
Keep it up to date – make sure you update data. People’s health status will change and if you keep a record of this, you need to make sure it is accurate and up to date (although this doesn’t mean you should batter individuals with constant requests for updates on health status. Again, be proportionate).
Identify individuals only when you need to – although you will need to know who has Covid-19, that doesn’t mean you need to tell everyone in the organisation. As soon as you can, you should remove personal data from any information you gather. For example, you might want to update employees on the health status of their fellow employees but you probably don’t need to name individuals and even if you feel it is necessary, you should keep the information you provide to a minimum. Removing personal identifiers in a document is also a good data security technique.
Keep the Covid-19 health data secure – Covid-19 data will be special category data and deemed high risk. This means that if you have a breach of this data you will need to notify it to the ICO. A breach could happen by someone losing a print-out of the names of Covid-19 employees, customers or visitors. It could also happen if you set access rights to lists of Covid-19 sufferers open to more people than need to know the information. The risk of ICO enforcement action increases with the potential harm the disclosure could cause. Although the ICO has indicated that it will be understanding about the impact of Covid-19 on normal operations, this doesn’t mean that they will not prosecute you if the breach is sufficiently serious.
Destroy the data once you don’t need it – Finally, of course, make sure that you delete data at the end of your needs. This might last longer than the pandemic, for example if you have an insurance claim or ongoing litigation. If you do need to keep it, consider whether or not you can delete some of the data to minimise what you hold.
It would be prudent to take legal advice early in relation to any issue you foresee in performing a contract. This will allow you to:
- Ensure that initial contact with your counterparty is framed in the correct way
- Ensure that any variations are fully documented so that both parties are fully protected
Damien Charlton, Julie Huntingdon and Chris Hugill look at the SRA Standards and Regulations (STaRS) for solicitors which came into effect late 2019, and represented a whole new regulatory landscape for the legal profession. The enhanced reporting and transparency obligations have an important impact on in-house practice, so this webinar gives you the opportunity to reflect on how the new rules impact on in-house lawyers, in both your professional and personal lives.
This webinar is part of a series designed for in-house lawyers. If you would like to register to receive invitations to future events for in-house legal counsel, please email damien.charlton@wardhadaway.com.
Employers had the ability to furlough extremely vulnerable employees who needed to shield.
If your employee is on sick leave or self-isolating as a result of Coronavirus, including as a result of track and trace, they’ll be able to get Statutory Sick Pay, subject to other eligibility conditions applying.
There is no special exemption for them, so they would need to meet the usual requirements to be placed on Flexible Furlough after 1 July 2020. i.e. They had to have been placed on furlough for at least 3 weeks before 1 July. Otherwise, they could not be furloughed.
If your visa has expired or will do before you are able to safely leave the UK, you can apply for “Exceptional Indemnity” by contacting the Coronavirus Immigration Team. You will need to provide evidence as to why you cannot leave, which could include a positive Covid-19 test or evidence of being unable to make travel arrangements to leave the UK in time.
You should note that “Exceptional Indemnity” does not extend your leave, but temporarily protects you from adverse action being made against you as result of overstaying your visa.