Association diocésaine d'Angers – Court Ruling (France, 2024)
General GDPR enforcement action
This case relates to broader data protection obligations, not specifically to cookie or consent banner compliance. It is not included in cookie statistics or the Risk Calculator.
A French court ruled that the Association diocésaine d'Angers properly handled a request from a person wanting access to his baptism records. The court found that the association's actions met legal requirements, which is important for how organizations manage sensitive personal data.
What happened
The court decided that the Association diocésaine d'Angers did not violate data protection rules when it processed a request for access to baptism records.
Who was affected
The person who requested access to his baptism records and sought to have his data erased.
What the authority found
The court held that the association had a valid legal basis for processing the sensitive data and properly addressed the request.
Why this matters
This ruling highlights the importance of organizations understanding their legal obligations when handling sensitive personal data. It serves as a reminder for similar organizations to ensure they comply with data protection rules.
GDPR Articles Cited
View original scraped data
Original data from scraper before AI verification against source document.
On 15 February 2020, a data subject lodged a complaint with the French DPA (“CNIL”) regarding the refusal by the Diocesan association of Angers to grant his request for access to personal data concerning him contained in the baptism register of Angers’ diocese and to exercise his right to erasure and to object the processing of his personal data. After noting that the access request had been granted by the controller, the CNIL considered that (i) the data subject could not rely on any of the grounds for deletion mentioned in Article 17(1) GDPR and (ii) the insertion in the margin of the register of a statement indicating that the data subject did not recognize the value of his baptism could be regarded as satisfying the exercise of his right to object under Article 21(1) GDPR. Therefore, in a letter dated 2 December 2021, the CNIL informed the data subject of their decision to close the complaint. The data subject appealed this decision asking the French Supreme Administrative court (“Conseil d’Etat”) to annul it. Firstly, regarding the lawfulness of the processing in itself, data revealing a person’s religious beliefs is, by virtue of Article 9 GDPR, sensitive data whose processing is, in principle, prohibited. By way of exception, the processing of such data is authorised, in particular under Article 9(2)(d) if it is carried out, in the context of their legitimate activities and subject to appropriate safeguards, by an association pursuing a religious aim, provided that the processing relates to members, former members or persons having regular contact with it. The Conseil d’Etat noted that the baptism registers kept by the Catholic Church are intended to keep a record of every event. This personal data was only accessible to the persons concerned and the registers were kept in a closed place before being deposited in the diocese’s historical archives for a period of 120 years. The Conseil d’Etat therefore considered that the mention of personal data in the ba
Outcome
Court Ruling
A ruling by a national court on a data-protection matter.
Related Cases (0)
No other cases found for Association diocésaine d'Angers in FR
This is the only recorded case for this entity in this jurisdiction.
Details
Ruling Date
2 February 2024
Authority
Commission Nationale de l'Informatique et des Libertés
GDPRhub ID
gdprhub-court-7592About this data
Cite as: Cookie Fines. Association diocésaine d'Angers - France (2024). Retrieved from cookiefines.eu
Last updated: