Company – €492,000 Fine (Germany, 2025)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
Another company in Germany was fined €492,000 for using an automated system that wrongly denied credit applications without human review. This is important because it shows that companies need to ensure fairness and transparency in their decision-making processes, especially when it affects people's finances.
What happened
The company used an automated system to decide on credit applications, which incorrectly declined applicants with good credit scores.
Who was affected
Applicants whose credit applications were denied despite having good credit scores were affected.
What the authority found
The data protection authority found that the company failed to provide adequate responses to requests for information about the negative credit decisions.
Why this matters
This ruling emphasizes the need for companies to have human oversight in automated decision-making processes. Businesses should review their systems to ensure they are fair and transparent.
The DPA of Hamburg has imposed a fine of EUR 492,000 on a company in the finance sector. The controller used automated systems to decide whether to approve a credit application, with no human input. This system incorrectly declined applications from applicants with a good credit score. When asked for the reasons for the negative decision, the controller also failed to respond adequately to these information requests.
Related Enforcement Actions (20)
Other enforcement actions involving Company in DE
Fine
€492K
Details
Fine Date
30 September 2025
Authority
Bundesbeauftragter für den Datenschutz
Fine Amount
€492,000
Enforcement Tracker ID
ETid-2892
About this data
Cite as: Cookie Fines. Company - Germany (2025). Retrieved from cookiefines.eu
Last updated: