Unknown – €97,150 Fine (Hungary, 2020)

€97,150Nemzeti Adatvédelmi és Információszabadság Hatóság16 December 2020Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Hungarian credit institute was fined for collecting too much personal data from parents applying for a childbirth incentive loan. The institute copied the entire pregnancy booklet, which was unnecessary and violated data protection rules. This case highlights the importance of collecting only the data needed for a specific purpose.

What happened

A credit institute copied entire pregnancy booklets from parents applying for a loan, collecting excessive personal data.

Who was affected

Parents applying for a childbirth incentive loan who had their pregnancy booklets copied by the credit institute.

What the authority found

The Hungarian DPA found the credit institute violated data protection rules by collecting more data than necessary, lacking a valid legal basis.

Why this matters

This decision emphasizes the principle of data minimization, reminding companies to only collect data necessary for their purposes. Businesses should review their data collection practices to ensure compliance with privacy laws.

GDPR Articles Cited

Art. 12 GDPR
Art. 5(1)(c) GDPR
Art. 6(1) GDPR
Art. 9(1) GDPR
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Unknown actions
Full Legal Summary
Detailed

The Hungarian DPA (NAIH) imposed a fine of EUR 97,150 against a credit institute. Two parents contacted the Hungarian DPA regarding the processing of personal data by their credit institute related to a 'childbirth incentive loan'. The couple requested a suspension of repayment, for which they had to prove that the fetus is at least 12 weeks old. To certify this fact, the controller copied their entire pregnancy booklet. The NAIH found that the controller violated the principle of data minimization by copying the entire pregnancy booklet, which contained excessive amounts of health data, even though this was not necessary regarding the purpose of the processing. For this reason, the NAIH ultimately concluded that the controller had no legal basis for such extensive data processing

Related Enforcement Actions (6)

Other enforcement actions involving Unknown in HU

Fine
Dec 2018· Nemzeti Adatvédelmi és Információszabadság Hatóság

The fine was imposed for (i) not providing a data subject with CCTV recordings, (ii) not retaining recordings for further use by the data subject, and...

€3K
Fine
Apr 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

A data controller used a, in the point of view of NAIH, wrong legal basis for processing of personal data (Art. 6.1.b) for the assignment of claims.

€9K
Fine
Jun 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

The data controller did not fulfil its data breach notification obligations when a flash memory with personal data was lost.

€15K
Fine
Jun 2019· Nemzeti Adatvédelmi és Információszabadság Hatóság

The individual requested the deletion of his contact data (including his telephone number), however the controller further processed his contact data ...

€3K
Fine
Nov 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The data subject had subscribed to a newsletter of the controller. After altering his/her e-mail address, he/she continued to receive the newsletter v...

€28
Fine
Dec 2020· Nemzeti Adatvédelmi és Információszabadság Hatóság

The Hungarian DPA (NAIH) imposed a fine of HUF 700,000 (EUR 1,940) against a construction company. The controller had installed a video surveillance s...

€2K
Current
Dec 2020

Fine

€97K

Details

Fine Date

16 December 2020

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€97,150

Enforcement Tracker ID

ETid-568

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown - Hungary (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: