Innovasjon Norge – €95,500 Fine (Norway, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Norway's Datatilsynet fined Innovasjon Norge for running unauthorized credit checks on a person. The bank analyzed financial data without consent, violating privacy rules. This case highlights the importance of having a legal basis for processing personal data.
What happened
Innovasjon Norge conducted four credit checks on a person without any contractual basis or consent.
Who was affected
The person whose financial data was analyzed by Innovasjon Norge without consent.
What the authority found
The Norwegian DPA found that Innovasjon Norge lacked a valid legal basis for processing the person's financial data, violating GDPR rules.
Why this matters
This fine emphasizes the need for companies to ensure they have a legal basis, like consent, before processing personal data. Businesses should review their data handling practices to avoid similar penalties.
GDPR Articles Cited
The Norwegian DPA (Datatilsynet) fined the national development bank Innovasjon Norge NOK 1,000,000 (EUR 95,500). The controller had carried out four credit checks on the data subject without any contractual basis for doing so. For this purpose, the bank had analyzed numerous financial data of the data subject over a period of three months without the data subject's consent.
Related Enforcement Actions (0)
No other enforcement actions found for Innovasjon Norge in NO
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
4 January 2021
Authority
Datatilsynet (Norway)
Fine Amount
€95,500
Enforcement Tracker ID
ETid-507
About this data
Cite as: Cookie Fines. Innovasjon Norge - Norway (2021). Retrieved from cookiefines.eu
Last updated: