DSGVO fine for new owner of Delivery Hero
Delivery Hero SE, headquartered in Berlin, has experienced numerous data protection breaches in the past. The company operated an online food platform, which has since been taken over by takeaway. takeaway.com has now been fined € 195,407.00.
The reason for this was unsolicited advertising mails about which eight former Delivery Hero customers had complained. Although a data subject had expressly objected to the use of his data for advertising purposes, he received a further 15 advertising e-mails from the delivery service. Furthermore, in ten cases Delivery Hero had not deleted the accounts of former customers, even though they had not been active on the platform for years.
There was therefore no need to continue storing the data. In a further five cases, the right to information of the persons concerned was disregarded. According to Article 15 of the GDPR, data subjects have the right to obtain information about their personal data and the purpose of the processing. In this case, the Berlin supervisory authority assumed that there was a “fundamental, structural organizational problem”.
Art des Verstoßes:
violated rights of the data subject
Waren sensible Daten betroffen?:
Violation of GDPR Paragraph:
15. Right of access by the data subject
5. Principles relating to personal data processing
6. Lawfulness of processing