Bürgerforum Schweiz – €3,975 Fine (Switzerland, 2024)

Bürgerforum Schweiz, a civil association (the controller) launched a campaign called “Pfarrer-Check” on its website to publicly question church personnel (the data subjects) about their personal faith. A questionnaire was used to assess the theological views of these data subjects and published information about them in an online database. Data subjects received the questionnaire from the controller or third parties. The controller provided an online database contained data on about 6,000 data subjects. The database, accessible to anyone, contained personal details such as names, organizations, functions, postal codes, and response status. Specifically, each listed data subject was assigned a status: “recorded” (publicly known but not yet contacted), “requested” (contacted but no response or consent), or “answered” (responded and explicitly consented to publication). Nevertheless, thousands of names and response statuses without prior consent were included. There was no requirement in the questionnaire or on the website that third parties asked for consent before sharing personal data of the data subjects with the controller. Likewise, data subjects that received the questionnaire were not asked whether they agree to have their data or response status. The controller’s website hosted a general privacy policy that applies to all activities, not just Pfarrer-Check. The policy distinguished between public and non-public personal data, stating that public data could be used freely, while non-public data required explicit authorization. It granted a limited right to object, applying only to data subjects whose data were not publicly visible online. If the data subjects, whose addresses were publicly available, submitted a request to the controller to be deleted from the database, this request would not be granted. Based on inquiries from the controller as well as various reports from data subjects, the EDÖB, the Swiss DPA, was made aware of the launched campaign of the