Debt collector

€1,560

Non-compliance with general data processing principles

Date de décision

20 février 2019

Autorité

Hungarian National Authority for Data Protection and the Freedom of Information (NAIH)

HU

Secteur

Finance, Insurance and Consulting

Pays

HU

Droit

GDPR

Statut

FINAL

Description

A data subject requested information about and erasure of the data processed, which the debt collector refused stating that it could not identify the subject. For identification purposes he requested place of birth, mother’s maiden name and further details from the data subject. After the controller succeeded to identify the data subjects he refused to comply with the deletion request, arguing he is legally obliged to retain backup copies according to the Accountancy Act and internal policies. Since he did not properly inform about these policies, the NAIH held the controller breached the principle of transparency. The fine constitutes 0.0025% of the annual profit of the controller.

Citations légales

Art. 5 (1)Art. 5 (1)

Questions et violations

Non-compliance with general data processing principles
Voir le document officiel
Retour à la base de données des amendes
Précédent Amende
Data Protection Commissioner of Malta - Lands Auth...
Prochaine amende
Data Protection Authority of Hamburg (HmbBfDI) - C...

Restez informé sur l'application de la législation en matière de protection de la vie privée

Nous respectons votre vie privée. Un courriel par mois, pas de spam, désabonnement à tout moment.