Details:
Summary | The Spanish DPA (AEPD) has imposed a fine of EUR 1,000 on a company. The controller had used the personal data of a third party in order to obtain a microcredit. The DPA states that the controller lacked a legal basis for the processing and thus violated Art. 6 (1) GDPR. |
Link: | link |
Related articles: | Art. 6 (1) GDPR |
Type: | Insufficient legal basis for data processing |
Fine: | EUR 1,000 |
Sector | Not assigned |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/