Court case VSL Sodba PRp 345/2019 – Court Ruling (Slovenia, 2020)

Court Ruling
DPA VSL18 June 2020Slovenia
final
Court Ruling

General GDPR enforcement action

This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.

A Slovenian court found that a company violated local data protection laws by obtaining vehicle owners' personal data without proper legal justification. The court decided that GDPR does not override more detailed local laws in this context. This ruling clarifies that businesses must adhere to both GDPR and specific national regulations.

What happened

A company obtained personal data of vehicle owners without proper legal justification under Slovenian law.

Who was affected

Vehicle owners in Slovenia whose data was obtained without meeting legal requirements.

What the authority found

The court found that the company violated local data protection laws and that GDPR does not override these more detailed national regulations.

Why this matters

This decision clarifies that GDPR does not automatically take precedence over more detailed local laws, emphasizing the need for companies to comply with both EU and national data protection requirements.

GDPR Articles Cited

Art. 6(1)(c) GDPR
Art. 6(2) GDPR
Art. 83(5)(a) GDPR

National Law Articles

Article 10 of ZOdv
Article 2, 2/2, 136, 136/1, 136 / 1-1
Article 8 of ZVOP-1
Articles 8, 91, 91/1, 91 / 1-1, 91/2.
Article 10, 10/1
Decision AuthorityVSL
Slovenia enforcementDPA VSL actionsAll Court case VSL Sodba PRp 345/2019 actions
Full Legal Summary
Detailed

The controller is accused of violating the provision of Article 8 of ZVOP-1 because the responsible person obtained personal data of vehicle owners or users in contravention of Article 10 of ZOdv. Is Slovenian law still applicable if it is more detailed than the GDPR or does the GDPR prevail anyway. The Court of Appeal agrees with the Court of First Instance's finding that the direct application of the GDPR does not constitute a violation of Article 6 (1) (c) as a misdemeanor, with the result that the GDPR from the point of view of misdemeanor law, as part of criminal law, is more lenient for the perpetrator and the court is justified in applying the principle of legality from the second paragraph of Article 2 of ZP-1 on the basis of point 1 of the first paragraph of Article 136.

Outcome

Court Ruling

A ruling by a national court on a data-protection matter.

Related Cases (0)

No other cases found for Court case VSL Sodba PRp 345/2019 in SI

This is the only recorded case for this entity in this jurisdiction.

Details

Ruling Date

18 June 2020

Authority

DPA VSL

Sources

About this data

Data: GDPRhub (noyb.eu)
Licensed under CC BY-NC-SA 4.0
AI-verified and classified

Cite as: Cookie Fines. Court case VSL Sodba PRp 345/2019 - Slovenia (2020). Retrieved from cookiefines.eu

Report Inaccuracy

Last updated: