eCommerce 2020 ApS – €51,000 Fine (Iceland, 2023)

€51,000Persónuvernd27 June 2023Iceland
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

eCommerce 2020 ApS was fined for improperly reporting loan defaults to a credit scoring company. The Icelandic DPA found that the company did not clearly inform borrowers about the consequences of non-payment. This case serves as a warning for businesses to be transparent about how they handle loan information.

What happened

eCommerce 2020 ApS sent information about loan defaults to a credit scoring company without properly informing borrowers.

Who was affected

Borrowers who were not adequately informed about the consequences of their loan defaults.

What the authority found

The Icelandic DPA concluded that eCommerce 2020 ApS failed to meet the necessary conditions for processing personal data related to loan defaults.

Why this matters

This ruling underscores the need for clear communication with customers regarding loan terms and consequences. Companies should ensure their loan agreements are transparent and compliant with data protection rules.

GDPR Articles Cited

AI-verified

Art. 5(1) GDPR
Art. 6(1) GDPR
Art. 8 laga nr. 90/2018 GDPR
Art. 9 laga nr. 90/2018 GDPR
View original scraped data
Art. 5(1) GDPR
(2) GDPR
Art. 6(1) GDPR
Art. 8 laga nr. 90/2018
Art. 9 laga nr. 90/2018

Original data from scraper before AI verification against source document.

Source verified 12 March 2026
articles corrected
national law identified
amount discrepancy
Iceland enforcementPersónuvernd actionsAll eCommerce 2020 ApS actions
Full Legal Summary
Detailed

The Icelandic DPA has imposed a fine of EUR 51,000 on eCommerce 2020 ApS. The controller had submitted information on loan defaults for registration even though the required registration conditions for this have not been in place. For instance, unpaid small loans were registered although they were below the required minimum amount. In assessing the fine, the fact that a large number of people were affected by the incident and that the controller was pursuing profits were considered aggravating factors.

Related Enforcement Actions (1)

Other enforcement actions involving eCommerce 2020 ApS in IS

Current
Jun 2023

Fine

€51K

Fine
Jul 2023· Persónuvernd

A company offering so-called "small loans" - eCommerce 2020 ApS (eCommerce) – sent information about non-payments of loans for registration at a credi...

€51K

Details

Fine Date

27 June 2023

Authority

Persónuvernd

Fine Amount

€51,000

Enforcement Tracker ID

ETid-1948

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. eCommerce 2020 ApS - Iceland (2023). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: