Company – €1,400 Fine (Hungary, 2021)

€1,400Nemzeti Adatvédelmi és Információszabadság Hatóság27 April 2021Hungary
final
Fine

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Hungarian company was fined EUR 1,400 for recording a phone call without telling the caller or getting their consent. The call was shared with the caller's employer, who then fired him. This case highlights the importance of transparency and having a legal reason to process personal data.

What happened

A company recorded a phone call without informing the caller or obtaining consent and shared it with the caller's employer.

Who was affected

The person who made the phone call and had their conversation recorded and shared with their employer.

What the authority found

The authority found that the company processed personal data without a legal basis and failed to inform the caller about the recording, violating GDPR rules.

Why this matters

This case underscores the need for companies to be transparent about data collection and to ensure they have a valid reason for processing personal data. Businesses should review their data handling practices to avoid similar violations.

GDPR Articles Cited

Art. 6 GDPR
Art. 13 GDPR
Art. 5(1) GDPR
Hungary enforcementNemzeti Adatvédelmi és Információszabadság Hatóság actionsAll Company actions
Full Legal Summary
Detailed

The Hungarian DPA (NAIH) has imposed a fine of EUR 1,400 on a company. In the course of his professional activities, a data subject had made a telephone call to the controller on September 23, 2019. The controller had recorded the conversation without informing the data subject or obtaining his consent and then provided it to the company where the data subject was employed. The employer of the data subject subsequently terminated his employment because the recorded telephone call apparently did not meet the company's service and professional standards. The DPA finds that the controller not only processed the data subject's data without a legal basis, but also breached its accountability obligation by failing to demonstrate the lawfulness of the processing. In addition, the controller violated its duty to provide information under Art. 13 GDPR.

Related Enforcement Actions (2)

Other enforcement actions involving Company in HU

Fine
Apr 2021· Nemzeti Adatvédelmi és Információszabadság Hatóság

The Hungarian DPA (NAIH) has imposed a fine of EUR 570 on a company. In the course of his professional activities, a data subject had made a telephone...

€570
Current
Apr 2021

Fine

€1K

Fine
Apr 2023· Nemzeti Adatvédelmi és Információszabadság Hatóság

The Hungarian DPA has imposed a fine of EUR 13,300 on a company. A customer had filed a complaint with the DPA because a conversation, which they had ...

€13K

Details

Fine Date

27 April 2021

Authority

Nemzeti Adatvédelmi és Információszabadság Hatóság

Fine Amount

€1,400

Enforcement Tracker ID

ETid-692

Sources

About this data

Data: CMS GDPR Enforcement Tracker
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Company - Hungary (2021). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: