Oney Servicios Financieros E.F.C. – €50,000 Fine (Spain, 2023)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Oney Servicios Financieros E.F.C. was fined €50,000 for sharing a person's credit information after a debt was canceled. This case shows that companies must ensure they have the right to share personal data before doing so.
What happened
The Spanish DPA fined Oney for unlawfully submitting a person's data to a credit system despite the debt being canceled.
Who was affected
A person whose canceled debt information was improperly shared with a credit information system.
What the authority found
The DPA found that the disclosure of the person's personal data was unlawful due to the cancellation of the debt.
Why this matters
This case serves as a reminder that businesses must verify the accuracy of debt information before sharing it. Companies should implement checks to avoid similar violations.
GDPR Articles Cited
The Spanish DPA has imposed a fine of EUR 50,000 on Oney Servicios Financieros E.F.C... The controller had submitted data from the data subject to a credit information system because of an alleged debt. However, the debt had been cancelled, which was also confirmed by a court ruling. For this reason, the DPA determined that the disclosure of the data subject's personal data was unlawful.
Related Enforcement Actions (0)
No other enforcement actions found for Oney Servicios Financieros E.F.C. in ES
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
23 October 2023
Authority
Agencia Española de Protección de Datos
Fine Amount
€50,000
Enforcement Tracker ID
ETid-2217
About this data
Cite as: Cookie Fines. Oney Servicios Financieros E.F.C. - Spain (2023). Retrieved from cookiefines.eu
Last updated: