Legal Person – €20,050 Fine (Czech Republic, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A company in the Czech Republic was fined €20,050 for processing personal data without a legal basis. They collected and used data from public registers without permission and ignored requests for data access. This case emphasizes the need for businesses to have a valid reason to process personal data and to respond to user requests.
What happened
A company processed personal data from public registers without proper legal grounds and ignored access requests.
Who was affected
Self-employed individuals whose names, surnames, and ID numbers were processed by the company were affected.
What the authority found
The Czech DPA found the company lacked a valid legal basis for processing personal data and failed to comply with access requests, violating GDPR.
Why this matters
This case serves as a reminder that businesses must ensure they have a legal basis for processing personal data and must comply with user rights under GDPR. Ignoring these obligations can result in significant fines.
GDPR Articles Cited
The Czech DPA has imposed a fine of EUR 20,050 on a legal person. The accused processes hundreds of thousands of personal data on the website about self-employed persons without legal basis, at least in the scope of name, surname and ID number, when these personal data are translated from the commercial, trade and other public registers. Moreover, the accused did not respond to requests for access to personal data.
Related Enforcement Actions (20)
Other enforcement actions involving Legal Person in CZ
Fine
€20K
Details
Fine Date
30 September 2020
Authority
Úřad pro ochranu osobních údajů
Fine Amount
€20,050
Enforcement Tracker ID
ETid-2828
About this data
Cite as: Cookie Fines. Legal Person - Czech Republic (2020). Retrieved from cookiefines.eu
Last updated: