Data protection fine due to revocation of consent

Date: 06.11.2019

Responsible body: ClickQuickNow

Nature of the data protection breach: breach of the conditions laid down in the GDPR

The President of the Office for the Protection of Personal Data fined ClickQuickNow 201,000 zloty for violating the GDPR.

According to the Polish Data Protection Supervisory Authority, the company has not taken appropriate technical and organisational measures to enable the simple and effective withdrawal of consent to the processing of personal data and the exercise of the right to delete personal data. In doing so, the company violated the conditions for consent set forth in the General Regulation on Data Protection (Article 7) and against the principles of transparent information, communication for the exercise of the rights of the data subject (Article 12).

The company has 14 days from the date of notification of the fine to improve data protection processes and within this period must delete all personal data of data subjects who are not customers or who have objected to the processing of their data.

Legal basis for the fine: Article 7 and the Article 12 the GDPR

Fines: 201,000 zloty

Country: Germany

Source: European Data Protection Board

Back to the overview of the data breaches