With GDPR complaints rising, UK regulator quietly issued notice of violation