Belgium: Penalty for Incorrect Privacy Policy
The operator of a website has been sentenced to pay a fine because of a poor privacy policy. The website publishes legal news. Although Belgians are the target audience, the privacy policy had been provided in English only.
Furthermore, the privacy policy was not easy to find and included references to the new California Data Protection Act. It is thus obvious that this was simply copied from another website.
In addition, there was no reference to the data protection officer(s) and the legal basis for processing. The explanation was also flawed in other respects.
Due to these multiple infringements, the data protection authority imposed a fine of € 15,000 whereby the company’s annual turnover lies at approximately 1.7 million euros.
Entscheidungsdatum:
17.12.2019
Land:
Belgium
Art des Verstoßes:
violated duty to inform
Betroffene Datensätze:
unknown
Waren sensible Daten betroffen?:
No
verhängte Geldstrafe:
€ 15,000,-
Violation of GDPR Paragraph:
unknown
Quelle:
Notice from the Belgian data protection authority (Flemish)