HOIST FINANCE AB – Court Ruling (Netherlands, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Dutch court ruled on a case involving Hoist Finance about how they handled personal data related to loan payments. The court is seeking guidance from the Supreme Court on whether the company followed the rules for processing this data. This case is important because it could clarify how companies should manage personal data in credit situations.
What happened
The court is reviewing whether Hoist Finance correctly processed personal data after a loan was settled.
Who was affected
A person who took out a loan with Hoist Finance and had their data registered due to payment issues.
What the authority found
The court is asking the Supreme Court to clarify the legal rules for processing personal data in this context.
Why this matters
This ruling could set important guidelines for how financial companies handle personal data, impacting many businesses in the credit industry.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
This case concerns an interlocutory judgment in the case [https://uitspraken.rechtspraak.nl/inziendocument?id=ECLI:NL:RBAMS:2021:174&showbutton=true&keyword=C%2f13%2f694440%2fKG C/13/694440/KG ZA-20-1118 MvW/JE dated 21 January 2021], in which the interim relief judge of the District Court of Amsterdam referred questions to the Dutch Supreme Court for a preliminary ruling pursuant to Section 392 RV. Controller is Hoist Finance. The data subject had taken out a loan with the controller. The controller claimed this credit after payment arrears had occurred. Because payment arrears had occurred, the data subject was registered in the Central Credit Information System (CKI) of the Credit Registration Office (BKR) with a special code "A". This special code was then adjusted in the following months do display that the claim had been claimed, and that the amount exceeded a certain threshold. After the debt had been settled, and the processor notified the controller of this, the controller ensured the data subject that it would have the entry removed from the BKR registration, which indicated that the amount of the claim exceeded a certain threshold. Because the controller did not comply with the request, the data subject submitted another request, which was rejected by the controller. The District Court of Amsterdam referred the following preliminary questions were put to the Supreme Court: 1. Must the processing of specific personal data by a credit institution, by means of an individual registration in the system of BKR, be assessed in accordance with the provisions of Article 6(1)(c), Article 6(1)(f) GDPR, or both provisions? 2. Does the answer to Question 1 mean: a) that the person whose personal data have been recorded is not entitled to invoke the right to erasure provided for in Article 17 GDPR? b) that person is not entitled to a right of objection as referred to in Article 21 GDPR? 3. If the answer to Question 2b means that, in the case
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (1)
Other cases involving HOIST FINANCE AB in NL
Details
About this data
Cite as: Cookie Fines. HOIST FINANCE AB - Netherlands (2021). Retrieved from cookiefines.eu
Last updated: