Fine against Bisnode Polska

Fine against Bisnode Polska

Bisnode is an economic database. As part of the duty to inform, the company has informed only a fraction of the persons affected.

All those, where Bisnode did not knew the e-mail address, were only informed via the website because, according to the company, everything else would have been too much effort. The Polish data protection authority did not share this opinion and imposed a fine because the company deliberately violated the GDPR. Among other things, the explanatory statement stated that of the 90,000 affected persons who were informed about 12,000 had objected to the further processing of their personal data.

Conclusion

The GDPR has strict rules for informing people about processing their data. easyGDPR helps you to know which data processing is lawful and which is not. Before the GDPR entered into force in May 2018, many companies asked for a confirmation, that they are allowed to process personal data. If their customers have not send an additional confirmation, they deleted the personal data of them.

easyGDPR customers knew that a additional confirmation was not necessary, if the customers has already agreed to data processing before. Therefore, our customers could save their client base.

Entscheidungsdatum:
26.03.2019

Land:
Poland

Art des Verstoßes:
violated duty to inform

Betroffene Datensätze:
5 700 000

Waren sensible Daten betroffen?:
No

verhängte Geldstrafe:
€ 220,000,-

Quelle: