Court case II SA/Wa 1635/20 – Court Ruling (Poland, 2021)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A Polish court found that the data protection authority mishandled a complaint about the Polish Post's data request. This is important because it shows that authorities must follow proper procedures when handling privacy complaints. The ruling emphasizes the need for transparency and accountability in data processing decisions.
What happened
The court ruled that the data protection authority improperly refused to investigate a complaint about the Polish Post's data request.
Who was affected
Individuals whose personal data was requested by the Polish Post without clear legal grounds.
What the authority found
The court found that the data protection authority failed to properly handle the complaint, impacting the case outcome.
Why this matters
This decision highlights the importance of procedural fairness in privacy cases and may lead to more rigorous scrutiny of data requests by public authorities. It encourages individuals to challenge decisions they believe are mishandled.
GDPR Articles Cited
National Law Articles
In April 2020 a data subject lodged with the Office for Personal Data Protection a complaint against unlawful processing of his personal data by Poczta Polska S.A. (Polish Post). In his complaint, the complainant referred to reports that the Polish Post had submitted an electronic request to the Ministry of Digitalisation to transfer his personal data. The complainant indicated that, to the best of his knowledge, in responding to the above request the Ministry issued the data covered by the request to the operator. In these circumstances, the complainant requested the President of the Office for Personal Data Protection to require from the controller to cease the processing and delete his personal data by the Polish Post. The complainant also mentioned that Poczta Polska S.A., as a postal operator, may receive personal data on condition that they are necessary for the performance of tasks connected with the organisation of the election of the President of the Republic of Poland or performance of other duties imposed by government authorities. However, as the complainant pointed out, none of the above prerequisites had been fulfilled because the Act introducing the obligation of voting by post was still not a binding law due to the unfinished legislative process. The President of the Office for Personal Data Protection refused to initiate proceedings. The data subject filed a complaint with the Provincial Administrative Court. Was the acquisition of personal data by Poczta Polska S.A. legal? The Court revoked the appealed decision of the President of the Office for Personal Data Protection and found that the supervisory authority, by issuing the disputed decision, committed a breach of administrative procedure, which had a significant impact on the outcome of the case. The Court pointed out that the DPA incorrectly decided that there were grounds to refuse to initiate administrative proceedings on account of the alleged lack of subject-matter of the proceedings.
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Court case II SA/Wa 1635/20 in PL
This is the only recorded case for this entity in this jurisdiction.
Details
About this data
Cite as: Cookie Fines. Court case II SA/Wa 1635/20 - Poland (2021). Retrieved from cookiefines.eu
Last updated: