Details:
Summary | The Icelandic DPA has imposed a fine of EUR 257,000 on Creditinfo Lánstraust hf.. The controller had registered information on loan defaults even though the required registration conditions for this have not been in place. For instance, unpaid small loans were registered although they were below the required minimum amount. In assessing the fine, the fact that a large number of people were affected by the incident and that the controller was pursuing profits were considered aggravating factors. |
Link: | link |
Related articles: | Art. 5 (1), (2) GDPR, Art. 6 (1) GDPR, Art. 8 laga nr. 90/2018, Art. 9 laga nr. 90/2018 |
Type: | Insufficient legal basis for data processing |
Fine: | EUR 257,000 |
Sector | Finance, Insurance and Consulting |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/