Company
€492,000
Non-compliance with general data processing principles
Data della decisione
30 settembre 2025
Autorità
Data Protection Authority of Hamburg (HmbBfDI)
DE
Settore
Industry and Commerce
Paese
HU
Legge
GDPRStato
FINALDescrizione
The DPA of Hamburg has imposed a fine of EUR 492,000 on a company in the finance sector. The controller used automated systems to decide whether to approve a credit application, with no human input. This system incorrectly declined applications from applicants with a good credit score. When asked for the reasons for the negative decision, the controller also failed to respond adequately to these information requests.
Problemi e violazioni
Non-compliance with general data processing principles