TRIVE CREDIT SPAIN S.L. – €180,000 Fine (Spain, 2025)

TRIVE CREDIT SPAIN, S.L. (the controller) is a financial company that provides loans, including microloans online. On 19 September 2023, a data subject filed a complaint with the DPA on the grounds that the controller had not responded to their access request. During the DPA’s investigations, the controller did not prove that it had responded to the access request. Therefore, the DPA ordered the controller in March 2024 to respond to the access request by providing the data requested or denying the request with an explanation. The DPA set a deadline of ten business days to comply with the decision. The data subject contacted the DPA in July 2024, stating that the controller had not complied with the decision. The DPA then sent two requests to the controller to comply within five and ten business days respectively. The DPA began sanctioning proceedings in December 2024, as the controller had not responded to the access request or presented an appeal of the DPA’s decision to a court. The controller argued that the data subject had abused their rights under the GDPR. According to the controller, it had already processed the data subject’s erasure request in January 2023. In addition, the controller argued that the access request was part of a “confrontation strategy” intended to harm the company; this included two lawsuits, 80 phone calls and at least two complaints to the DPA. Finally, the controller argued that it had already responded to three access requests that year. The DPA found a violation of Article 58(2)(c) GDPR, as the controller had not complied with its previous decision to respond to the data subject’s access request. The DPA warned the controller that it had the proactive responsibility of proving its compliance with the GDPR in accordance with Article 5(2) GDPR; this extends to the entire “life cycle” of data processing. The DPA considered this a serious violation, as the controller failed to prove it had complied with its obligations under the G