Arp Hansen Hotel Group A/S
€147,800
Non-compliance with general data processing principles
Datum för beslut
28 juli 2020
Myndighet
Danish Data Protection Authority (Datatilsynet)
DK
Sektor
Accomodation and Hospitality
Land
DK
Lag
GDPRStatus
FINALBeskrivning
During an inspection, the supervisory authority reviewed a number of IT systems to examine whether Arp-Hansen had sufficient procedures in place to ensure that personal data were not kept longer than necessary for the purposes of collection. It was found that one of the reservation systems contained a large amount of personal data that should already have been deleted in accordance with the deletion deadlines set by Arp-Hansen itself.
Rättsliga hänvisningar
Art. 5 (1)
Frågor och överträdelser
Non-compliance with general data processing principles