Details:

Summary The Icelandic DPA has imposed a fine of EUR 51,000 on eCommerce 2020 ApS. The controller had submitted information on loan defaults for registration even though the required registration conditions for this have not been in place. For instance, unpaid small loans were registered although they were below the required minimum amount. In assessing the fine, the fact that a large number of people were affected by the incident and that the controller was pursuing profits were considered aggravating factors.
Link: link
Related articles:  Art. 5 (1), (2) GDPR, Art. 6 (1) GDPR, Art. 8 laga nr. 90/2018, Art. 9 laga nr. 90/2018
Type: Insufficient legal basis for data processing
Fine: EUR 51,000
Sector Finance, Insurance and Consulting

 

All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/

Tags: case law