Merchant
€10,000
Non-compliance with general data processing principles
Ημερομηνία απόφασης
17 Σεπτεμβρίου 2019
Αρχή
Belgian Data Protection Authority (APD)
BE
Τομέας
Industry and Commerce
Χώρα
BE
Νόμος
GDPRΚατάσταση
FINALΠεριγραφή
The Belgian data protection authority has imposed a fine of 10,000 euros on a merchant who wanted to use an electronic identity card (eID) to create a customer card. The DPA's investigation revealed that the merchant required access to personal data located on the eID, including the photo and barcode which is linked to the data subject's identification number. In the meantime, the decision of the data protection authority has been annulled by a court: link
Νομικές παραπομπές
Art. 5 (1)
Θέματα & Παραβάσεις
Non-compliance with general data processing principles