Financial Enterprise – €2,850 Fine (Hungary, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A financial company in Hungary was fined for transferring a client's data to a third party after the client objected. The company did not properly inform the client about how their data was being used.
What happened
A financial enterprise transferred a client's data to a third party despite the client's objection.
Who was affected
A client of the financial enterprise who objected to the processing and transfer of their data.
What the authority found
The authority found that the company could not rely on the contract's performance as a legal basis for data transfer and failed to conduct a necessary balancing test for legitimate interest.
Why this matters
This case serves as a warning to companies about the importance of respecting client objections to data processing and ensuring transparency. It also highlights the need for a thorough assessment of legitimate interests when transferring data.
GDPR Articles Cited
A client of a financial enterprise complained that the financial enterprise transferred his data after he objected against the processing and did not provide information on the processing of his data at his request. According to the financial enterprise, it sold its claim stemming from the contract concluded with its client to a third party, therefore such transaction necessitated the transfer of the relevant client data. NAIH highlighted that the financial enterprise sold the concerning claim and transferred the respective data after the non-fulfilment of the concerning contract by the client; this also means that the financial enterprise cannot rely on the performance of the contract concluded with the client. The relevant legal basis would have been the legitimate interest of the controller, where a balancing test is also necessary, describing its interest in transferring the claim and the relevant data to a third party.
Related Enforcement Actions (0)
No other enforcement actions found for Financial Enterprise in HU
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
26 June 2019
Authority
Nemzeti Adatvédelmi és Információszabadság Hatóság
Fine Amount
€2,850
Enforcement Tracker ID
ETid-255
About this data
Cite as: Cookie Fines. Financial Enterprise - Hungary (2019). Retrieved from cookiefines.eu
Last updated: