Vulnerable Customer Policy
Here’s a clear overview of UK telecom compliance requirements that specifically affect individual (consumer) customers — focusing on regulatory duties for service providers and protections/requirements relating to individual customers in the UK telecom sector.
📌 1. Core Regulatory Framework
Ofcom and the Communications Act
UK telecoms are regulated primarily by Ofcom (Office of Communications) under the Communications Act 2003 and subsequent General Conditions of Entitlement. These rules govern how providers must treat individual customers, what contractual information they must provide, and how complaints must be handled. �
www.ofcom.org.uk
General Conditions of Entitlement
Providers must comply with numerous conditions that apply to services offered to residential customers (individuals), including:
Clear information about contracts (e.g., pricing, duration, exit fees). �
www.ofcom.org.uk
Supporting easy switching between providers (e.g., One Touch Switch for residential broadband/landline). �
www.ofcom.org.uk
Proper complaints handling procedures and membership in approved dispute resolution schemes (ADR). �
www.ofcom.org.uk
📌 2. Customer Verification / “Know Your Customer” (KYC)
New rules have been introduced (applicable from 2024 onward) requiring telecom providers (and their intermediaries) to collect identity information before issuing UK numbers:
For individual customers:
Proof of Identity (e.g., passport, driver’s license). �
Aircall Support
Proof of Address (e.g., utility bill, tax notice) — a valid UK address for local services. �
Aircall Support
This is designed to combat fraud, nuisance calls/spam, and improve accountability for allocated numbers.
Aircall Support
📌 3. Data Protection and Marketing Compliance
Privacy and Electronic Communications Regulations (PECR)
PECR implements EU-derived telecom privacy rules in UK law.
Stricter consent requirements apply when contacting individual customers — for example, unsolicited marketing calls/texts often require prior consent for individuals, and lists must be screened against the Telephone Preference Service (TPS). �
Sprintlaw UK +1
Telephone Preference Service (TPS)
Individuals can register their phone numbers on the TPS to opt out of unsolicited marketing calls. Providers and marketers are legally required to screen against this list when making calls. �
Wikipedia
General Data Protection Regulation / UK GDPR
Telecom providers handling customer personal data must comply with UK GDPR and the Data Protection Act — including lawful bases for processing, transparency, and security of personal data. (Note: this is separate legislation but directly relevant for individual customer compliance.)
📌 4. Consumer Rights and Protection
Contract Transparency
Providers must give individual customers a clear summary of contract key terms (e.g., cost, duration, early exit fees). This was enforced following Ofcom’s updated General Conditions. �
Chambers
Complaints and Redress
Providers must have formal complaint procedures that meet minimum standards.
They must belong to an alternative dispute resolution (ADR) scheme (e.g., CISAS or Communications Ombudsman) so individuals can escalate unresolved disputes. �
www.ofcom.org.uk
Vulnerable Customers
Ofcom and the UK Government have initiatives to protect vulnerable users (e.g., ensuring continuity of critical services like personal alarms during network upgrades), and providers are encouraged to identify and support vulnerable individual customers. �
GOV.UK +1
📌 5. Security & Resilience Obligations
Although not customer-specific in isolation, modern UK telecom compliance includes security duties under the Telecommunications (Security) Act 2021:
Providers must safeguard networks and services against security risks — protecting customers’ service continuity and data integrity. �
Wikipedia
Failure to meet these obligations can result in significant fines (up to a percentage of turnover or daily penalties). �
Burges Salmon
📌 6. Summary Checklist for Individual Customer Compliance
For telecom providers serving individuals in the UK: ✔ Collect and verify customer identity/address where required (new KYC rules). �
✔ Provide clear, transparent contract information. �
✔ Comply with privacy rules (PECR, GDPR) and respect opt-out lists like TPS. �
✔ Maintain approved complaint handling and ADR membership. �
✔ Support vulnerable customers and accessible service procedures. �
✔ Ensure security of networks and services per UK security legislation. �
Aircall Support
www.ofcom.org.uk
ICO
www.ofcom.org.uk
House of Commons Library
Wikipedia
If you want, I can also provide links to specific regulatory texts (like Ofcom’s General Conditions or PECR guidance) or create a compliance checklist template for your business.