Arp Hansen Hotel Group A/S
€147,800
Non-compliance with general data processing principles
Дата на решението
28 юли 2020 г.
Орган
Danish Data Protection Authority (Datatilsynet)
DK
Сектор
Accomodation and Hospitality
Държава
DK
Право
GDPRСтатус
FINALОписание
During an inspection, the supervisory authority reviewed a number of IT systems to examine whether Arp-Hansen had sufficient procedures in place to ensure that personal data were not kept longer than necessary for the purposes of collection. It was found that one of the reservation systems contained a large amount of personal data that should already have been deleted in accordance with the deletion deadlines set by Arp-Hansen itself.
Правни цитати
Art. 5 (1)
Въпроси и нарушения
Non-compliance with general data processing principles