HelloFresh fined for millions of spam texts and emails

The Information Commissioner’s Office (ICO), the UK’s data watchdog, issued a £140K ($178K) fine to HelloFresh for sending 79 million spam emails and one million texts in only seven months.

HelloFresh, a major meal-kit provider, received a hefty fine for a tsunami of marketing messages that it flooded people with. According to the ICO, the messages were sent based on a clause included in an age confirmation statement, which users were unlikely to notice.

“Customers were also not given sufficient information that their data would continue to be used for marketing purposes for up to 24 months after canceling their subscriptions,” the ICO said in a statement.

According to the data watchdog, HelloFresh sent over 80 million messages between August 23rd, 2021, and February 23rd, 2022, including 79.7 million emails and over 1.1 million text messages. Meanwhile, the ICO believes that the consent statement for these messages did not meet the requirements for “specific” and “informed,” meaning they lacked proper consent.

“This marked a clear breach of trust of the public by HelloFresh. Customers weren’t told exactly what they’d be opting into, nor was it clear how to opt out. From there, they were hit with a barrage of marketing texts they didn’t want or expect, and in some cases, even when they told HelloFresh to stop, the deluge continued,” Andy Curry, Head of Investigations at the Information Commissioner’s Office, said.

HelloFresh, headquartered in Berlin, was established in 2011 and operates in the US, Canada, Australia, Austria, Germany, Italy, France, and other countries. The company controls nearly a third of the meal kit market in the US, making it a significant global player. The company has almost 15k staff and enjoyed a revenue exceeding $8.5 billion in 2022.