The Information Commissioner’s Office fined the supermarket £10,500 for deliberately sending 130,671 emails to people who had opted out of receiving marketing related to their Morrisons More card.
The emails, sent in October and November last year, were entitled "Your Account Details" and invited customers to change their marketing preferences to start receiving money-off coupons.
Morrisons broke the Privacy and Electronic Communication Regulations, the ICO confirmed.
A new law, the General Data Protection Regulation, will replace the 1998 Data Protection Act next year. GDPR will set a higher bar for the consent that companies must obtain from customers before using their personal data for marketing.
ICO deputy commissioner Simon Entwisle said: "It is vital that the public can trust companies to respect their wishes when it comes to how their personal information is used for marketing.
"These customers had explicitly told Morrisons they didn’t want marketing emails about their More card. Morrisons ignored their decision and for that we’ve taken action."