GGD Flevoland – Court Ruling (Netherlands, 2019)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Dutch court ruled that the City Council should have allowed access to personal data related to a social support application. The court found that the City Council and other public entities were responsible for the data, but the data was destroyed after the application was denied. This case highlights the importance of data access rights under GDPR.
What happened
The City Council denied access to personal data related to a social support application, which was later destroyed.
Who was affected
The person who applied for social support and whose personal data was processed and then destroyed.
What the authority found
The court decided that the City Council should have granted access to the personal data, but the refusal was legitimate since the data was destroyed.
Why this matters
This ruling emphasizes the need for public entities to manage personal data access requests properly and highlights the shared responsibility among joint controllers. It serves as a reminder for entities to maintain data integrity and availability.
GDPR Articles Cited
The claimant’s son applied for social support at home. Following the application, the City Public Health Department investigated and addressed a recommendation on whether the social support should be granted to the City Council. The City Council decided to not grant the social support. Then, the claimant requested a copy of the files processed during the application process, including the son's personal data related to his medical files. The City Council refused to grant the access. Who is the relevant controller? The Court first considered that all public entities involved in the application process and not only the City Council were joint controllers. Thus, the access request regarding the personal data could have been sent to the City Public Health Department as well. Then, the Court considered that the access to the personal data should have been granted by the City Council under the data protection law. However, the City Council already destroyed the personal data after it refused to grant the social support. Therefore, the Court considered that the refusal was legitimate.
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for GGD Flevoland in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. GGD Flevoland - Netherlands (2019). Retrieved from cookiefines.eu
Last updated: