COOPERATIVE RABOBANK UA – Court Ruling (Netherlands, 2020)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A court in the Netherlands ruled on a case involving Rabobank and a customer's credit record. The customer wanted an arrears code removed after paying off a debt, but Rabobank refused. The court found that Rabobank's interest in keeping the record did not outweigh the customer's rights.
What happened
Rabobank refused to remove an arrears code from a customer's credit record after the debt was paid off.
Who was affected
A customer whose credit record with Rabobank included an arrears code despite having paid off the debt.
What the authority found
The court ruled that Rabobank's interest in maintaining the credit record did not outweigh the customer's rights to have the arrears code removed.
Why this matters
This ruling highlights the balance between a company's interest in maintaining credit records and an individual's right to privacy. It emphasizes the need for companies to carefully consider privacy rights when handling personal data.
GDPR Articles Cited
The claimant was registered in the Central Credit Information System (hereinafter CKI) of the BKR (Credit Registration Office) because of two instances on which he had defaulted on repaying an overdraft. BKR then issued the claimant with a revolving credit, set to begin in 2012 and end in 2019, and visible until 2024. The registration of the revolving credit contained an arrears code (signalling that money is owed and should have been paid earlier) which would remain visible on his account until 2021. When the claimant paid back the full amount in 2020, he asked to have the arrear code removed from his file. Rabobank refused to remove the code, which led to the complainant filing a complaint. Pursuant to Article 21(1) of the GDPR, persons such as [the claimant] can object to the processing of their personal data on the basis of Article 6(1)(e) or (f) GDPR due to their specific situation . The controller, in this case Rabobank, must honor the objection, unless it submits compelling legitimate grounds for the processing that outweigh the interests, rights and freedoms of the persons concerned. If the objection is granted, the controller must delete the personal data without unreasonable delay. If the controller does not honor the objection, the data subject may, if necessary, ask the court for an effective remedy (Article 79 GDPR and Article 35 UAVG). The court assesses whether the controller has demonstrated that its compelling legitimate interests (in this case the dual purpose of the credit registration: to protect the consumer against excessive credit and to warn other credit institutions) in this specific case outweigh the interests or the fundamental rights and freedoms of the data subject (recital 69 GDPR). Whether it was proportionate for the BKR registration to be maintained, given the fact that the claimant had paid back her arrear and the current registration was preventing her from taking out housing credit? After weighing up the interests involved, R
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for COOPERATIVE RABOBANK UA in NL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. COOPERATIVE RABOBANK UA - Netherlands (2020). Retrieved from cookiefines.eu
Last updated: