Anonymous (Complainant - physical person) – €50,000 Fine (Belgium, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Belgian company was fined EUR 50,000 for mishandling personal data related to a parking fine. The company failed to provide proper information and access to the data when requested by the person involved. This case highlights the importance of transparency and timely responses to data requests.
What happened
A company mishandled personal data while issuing and collecting a parking fine, failing to provide proper information and access to the data.
Who was affected
The person who received a parking fine and requested information about their personal data processing.
What the authority found
The Belgian Data Protection Authority found that the company violated GDPR by not providing adequate information and access to the person's data.
Why this matters
This case underscores the need for companies to be transparent and responsive to data access requests. It serves as a reminder that even small businesses must comply with data protection rules when handling personal information.
GDPR Articles Cited
Entities Involved
The complainant was fined by the first defendant ( a private company mandated to ensure the respect of municipal street parking regulations) for a violation of municipal street parking regulations. In order to establish the violation of municipal regulations and issue the fine, the first defendant collected personal data directly from the complainant including data extracted from the Belgian national register, the DIV (department for vehicle registration) and a photo of her car. The DIV was consulted by the first defendant the day after the fine was issued (which was not necessary). The first defendant claims to have sent a reminder to the complainant concerning the payment of the fine. Having received no response, it transferred this data to the second defendant, a bailiff's office to be reused and processed in the context of the collection of the fee (processing allowed by article 519 of the Belgian judiciary code). After having received a formal notice from the second defendant asking her to pay the fine with interests, the complainant wrote to the second defendant claiming she had not received an invitation to pay , nor a reminder from the first defendant and also asked to exercise her right of access and information concerning the data processed by the second defendant. The complainant then also made a similar request with the first defendant. The complainant only received a partial response from the second defendant in the allotted time. The first defendant did not respond to her request and redirected her to the second defendant. Pursuant to this lack of satisfactory answers from the defendants, the complainant lodged a complaint with the Belgian Data Protection Authority stating the following violations : As to the first defendant: - a breach of her right to information (Articles 12 and 14 of the GDPR) - a breach of her right of access (article 15 of the GDPR) - a breach of Article 28 of the GDPR with regard to the quality of subcontractor of
Related Enforcement Actions (0)
No other enforcement actions found for Anonymous (Complainant - physical person) in BE
This is the only recorded action for this entity in this jurisdiction.
Details
Fine Date
23 December 2020
Authority
Autorité de Protection des Données
Fine Amount
€50,000
GDPRhub ID
gdprhub-3090About this data
Cite as: Cookie Fines. Anonymous (Complainant - physical person) - Belgium (2020). Retrieved from cookiefines.eu
Last updated: