Clemens Bar ApS – Complaint Upheld (Denmark, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Clemens Bar ApS was challenged for refusing a request to access CCTV footage, but the DPA upheld the bar's decision. This is important because it shows that there are limits to data access requests when public interest is at stake. Businesses should understand when they can deny access to personal data.
What happened
A data subject requested access to CCTV footage, but Clemens Bar ApS refused the request.
Who was affected
The individual who sought access to their personal data captured on CCTV.
What the authority found
The DPA upheld the bar's refusal to provide access, citing public interest in crime prevention.
Why this matters
This case highlights the balance between individual rights and public interest. Businesses should be aware of the circumstances under which they can deny access to personal data.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
National Law Articles
A data subject filed an access request under Article 15 GDPR with Clemens Bar ApS (a controller). The data subject wished to access CCTV footage. The controller refused the request, claiming the CCTV was installed in response to an order from [https://www.kk.dk/politik/lokaludvalg-saerlige-udvalg-raad-og-naevn/naevn/bevillingsnaevnet the Licensing Board] (Bevillingsnævnet). The Licensing Board is a body responsible for granting alcohol license to bars. As explained by the controller, the CCTV served the purpose of crime prevention and the recordings were used by Police to criminal activity. The access to the CCTV footage would then disclose the location of CCTV and jeopardise its purpose. Thus, the controller called upon Article 22(2)(3)(4) of [https://www.datatilsynet.dk/media/7753/danish-data-protection-act.pdf Data protection act], allowing for restricting access request, in particular, when the data subject interest was overridden by public interest, namely public security and crime prevention. The data subject filed a complaint with the Danish DPA (Datatilsynet). After receiving the complaint, forwarded by the DPA, the controller again refused to provide access to the data. Hence, the data subject filed another complaint against the controller. During the proceedings, the controller sustained their reasoning. Additionally, the controller also mentioned that the answer to access request was not technically feasible, since the controller was unable to anonymise the image of other data subjects (blurring), without blurring the image of the data subject too. Afterwards, the controller stated a human error caused deletion of the data. The data subject claimed the access request was related to potential violation of Article 244 of the Criminal Code. The DPA upheld the complaint. The DPA expressed “serious criticism” over deletion of data subject’s data. Once the controller deleted the data, the data subject lost possibility to lodge an effective complaint aga
Outcome
Complaint Upheld
A data subject complaint that was upheld by the DPA.
Related Enforcement Actions (0)
No other enforcement actions found for Clemens Bar ApS in DK
This is the only recorded action for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Clemens Bar ApS - Denmark (2024). Retrieved from cookiefines.eu
Last updated: