Stichting Bureau Krediet Registratie – Court Ruling (Netherlands, 2022)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Dutch court ruled that Stichting Bureau Krediet Registratie must remove a negative code from a person's credit record. This decision is significant because it reinforces that companies must accurately manage personal data and cannot keep misleading information. It highlights the need for transparency in credit reporting.
What happened
The court ordered the removal of a '9 Dispute' code that negatively affected a person's creditworthiness.
Who was affected
A person whose credit information was affected by the negative code added by the credit registration company.
What the authority found
The court found that the registration of the '9 Dispute' code was unlawful and ordered its removal under GDPR.
Why this matters
This case underscores the importance of accurate data management in credit reporting. Companies in this sector should ensure they comply with data protection laws to maintain trust and avoid legal issues.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
The controller is Stichting Bureau Krediet Registratie (BKR), which manages the credit information register (CKI). This register provides an overview of the creditworthiness of people since credit providers (banks etc.) can register (severe) debts of individuals. There were three registrations related to the data subject in the CKI, with special codes that indicated that there had been several payment arrears. In 2021, the data subject requested the BKR to have these registrations and/or these special codes erased, but the controller refused. The data subject then brought the issue before Court, which granted his claim and ordered BKR to erase the codes. The controller then appealed this decision. After some initial hesitations, the controller removed the codes from the registrations, but added a new code “9 Dispute”. The data subject then requested the controller to remove this new code because he claimed that it also negatively affected his creditworthiness (even more than with the previous codes), but the controller refused and explained that this code had been added to explain that the removal of the special codes is still disputed in court (namely: the appeal). After the data subject was refused credit from a credit provider because of this new special code, he brought the issue before court to have this code “9 Dispute” erased pursuant to Article 17(1)(d) GDPR, and to keep having this code erased. The Court decided that the registration was unlawful and ordered the controller to remove the special code “9 Dispute” from the registration pursuant to Article 17(1)(d) GDPR. First, it considered that the data subject did not explain what the legal basis was to have the actual registrations removed (rather than only the special codes that are linked to the registrations), or why this should follow from the circumstances of the case. Hence, it rejected the claim to have the actual registrations removed. Second, it considered that the claim to have the special co
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (1)
Other cases involving Stichting Bureau Krediet Registratie in NL
Details
About this data
Cite as: Cookie Fines. Stichting Bureau Krediet Registratie - Netherlands (2022). Retrieved from cookiefines.eu
Last updated: