Tag Archives: Data Protection Authority

Danish DPA issues its first GDPR fine for late deletion of customer telephone numbers

Denmark’s Data Protection Authority Datatilsynet (DPA) recently recommended its first fine for a breach of the GDPR by the taxi company, Taxa 4×35 (Taxa), due to its over-retention of certain customer data. Breach of the data minimisation principle The Danish DPA found that Taxa did not adhere to the GDPR’s data minimisation principle by over-retaining … Continue Reading

Another day…another set-back for Europe’s plans for a single market

Plans for a single market have been delivered yet another blow, this time as a result of an ECJ preliminary ruling against a relatively unknown Slovakian company. The court ruled in Weltimmo SRO v. Nemzeti Adatvedelmi es Informacioszabadsag Hatosag, that national data protection authorities (DPAs) may take action against businesses that target residents in their … Continue Reading

Brazil’s proposed privacy laws raise public concern

The Brazilian government’s proposal for Brazil’s first data protection framework (‘the Proposal’) hit a stumbling block after major concerns were raised in public comments. After the public consultation period ended, those reviewing the comments made numerous suggestions for changes, such as tightening the definition of what constitutes personal data, clarifying the consent for processing rules, … Continue Reading

EU Art. 29 Working Party Announces Cooperation Procedure for EU Model Clauses

The Article 29 Data Protection Working Party (Working Party) released a Working Document setting forth a co-operation procedure for issuing common opinions on “Contractual clauses” considered as compliant with the EC Model Clauses (Working Document). The aim of this Working Document is to facilitate the use of the EU model clauses across multiple jurisdictions in … Continue Reading

Hamburg DPA Files Bank €200,000 For Accessing Customer Data and Customer Profiling

On November 23, 2010, the data protection authority (the “DPA”) of the German federal state of Hamburg fined regional financial institution Hamburger Sparkasse AG (“Haspa”) €200,000 for illegally allowing its customer service representatives access to customers’ bank data, and for profiling its customers and also granting the representatives access to such profiles. The bank cooperated … Continue Reading
LexBlog