Unknown – €19,200 Fine (Czech Republic, 2020)

€19,200Úřad pro ochranu osobních údajů1 January 2020Czech Republic
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A company in the Czech Republic was fined EUR 19,200 for illegally copying personal data from public registers. This case matters because it shows that even publicly available data must be handled lawfully. The decision reinforces the need for companies to have a valid reason for collecting personal data.

What happened

The company copied personal data from public registers without a valid reason.

Who was affected

Individuals whose personal data was taken from public registers by the company.

What the authority found

The authority ruled that the company illegally processed personal data by copying it from public registers without necessity.

Why this matters

This case emphasizes that companies must have a legitimate reason for collecting personal data, even if it's publicly available. It serves as a warning that improper use of public data can result in significant fines.

GDPR Articles Cited

Art. 15(GDPR)
Art. 16(GDPR)
Art. 17(GDPR)
Art. 18(GDPR)
Art. 19(GDPR)
Art. 20(GDPR)
Art. 21(GDPR)
Art. 22(GDPR)
Art. 5(1)(a) GDPR
Art. 6(1) GDPR
Art. 12(2) GDPR
Czech Republic enforcementÚřad pro ochranu osobních údajů actionsAll Unknown actions
Full Legal Summary
Detailed

A company copied personal data from public registers, which was considered illegal by the Czech DPA, as it was not deemed necessary.

Related Enforcement Actions (11)

Other enforcement actions involving Unknown in CZ

Fine
Oct 2018· Úřad pro ochranu osobních údajů

Information was not provided.

€388
Fine
Feb 2019· Úřad pro ochranu osobních údajů

Information was not provided.

€776
Fine
Feb 2019· Úřad pro ochranu osobních údajů

Data was not processed in a manner that ensures appropriate security of the personal data, including protection against unauthorised or unlawful proce...

€582
Fine
Mar 2019· Úřad pro ochranu osobních údajů

Data was not only processed if adequate, relevant and limited to what is necessary in relation to the purposes for which they are processed ('data min...

€10K
Fine
May 2019· Úřad pro ochranu osobních údajů

Information was not provided.

€194
Fine
Jan 2020· Úřad pro ochranu osobních údajů

A person had received an invoice for ordered goods, which, however, came from a different company than the one from which she had ordered the goods. T...

€2K
Fine
Jan 2020· Úřad pro ochranu osobních údajů

A company stored biometric signatures of its customers, which violated the principle of data minimization.

Fine
Jan 2020· Úřad pro ochranu osobních údajů

State-subsidized organization shared photos of its employees on its website without a sufficient legal basis.

Current
Jan 2020

Fine

€19K

Fine
May 2020· Úřad pro ochranu osobních údajů

The Czech DPA (UOOU) imposed a fine against a company for processing personal data without a sufficent legal basis. Several individuals were contacted...

Fine
Jan 2021· Úřad pro ochranu osobních údajů

The Czech DPA (UOOU) fined 11 companies a total of EUR 118,500 for sending unrequested postal advertising messages to the mailboxes of various citizen...

€119K
Fine
Jun 2021· Úřad pro ochranu osobních údajů

The Czech DPA has imposed a fine of EUR 2,000 on an unknown controller. The accused did not respond to the subject's request to disclose what informat...

€2K

Details

Fine Date

1 January 2020

Authority

Úřad pro ochranu osobních údajů

Fine Amount

€19,200

Enforcement Tracker ID

ETid-655

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Unknown - Czech Republic (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: