Penalty for denied data disclosure

Penalty for denied data disclosure

A company in Hungary refused to provide individuals with information about their personal data stored. Furthermore, this requested the publication of a surveillance video, as this would help in a lawsuit. This request was rejected by the company, on the grounds that this would not help in the dispute. The Hungarian data protection authority NAIH imposed a fine of one million Hungarian forints (about € 3,200) and justified the penalty with the following circumstances:

• type of offence
• with the fact that the data then could be deleted and not restored any more
• it was the company’s first privacy offense
• die Videoüberwachung war grundsätzlich schon unzulässig

The turnover in the previous year amounted to approx. 15.3 million forints (approx. € 50.000, -), whereby the penalty amounts to 6.5% of the annual turnover. The GDPR provides for penalties up to 4% of the worldwide annual turnover OR 20 million euros, whichever is higher .

Handling data subject requests is a complex topic. Every request must be answered, if your company has a lot of requests, it is necessary to automating these tasks. easyGDPR is powerful tool, which gives you the opportunity to do this. More information.

Entscheidungsdatum:
06.03.2019

Land:
Hungary

Art des Verstoßes:
violated duty to inform

Betroffene Datensätze:
1

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 3,200,-

Quelle: