Iceland
eCommerce 2020 ApS
51,000 €
GDPR enforcement action by Icelandic data protection authority ('Persónuvernd') on 2023-06-27.
Rank · Sector
#123
of 322 in Finance, Insurance and Consulting
Rank · Iceland
#4
of 22
Rank · All fines
#687
of 3,050
Case details
- Authority
- Icelandic data protection authority ('Persónuvernd')
- Date
- 2023-06-27
- Controller / Processor
- eCommerce 2020 ApS
- Sector
- Finance, Insurance and Consulting
- Quoted Articles
- Art. 5 (1), (2) GDPR, Art. 6 (1) GDPR, Art. 8 laga nr. 90/2018, Art. 9 laga nr. 90/2018
- Type of violation
- Insufficient legal basis for data processing
Summary
The Icelandic DPA has imposed a fine of EUR 51,000 on eCommerce 2020 ApS. The controller had submitted information on loan defaults for registration even though the required registration conditions for this have not been in place. For instance, unpaid small loans were registered although they were below the required minimum amount. In assessing the fine, the fact that a large number of people were affected by the incident and that the controller was pursuing profits were considered aggravating factors.
Open original source
Links to the regulator's original publication or another source.
Related fines
Iceland
2023-06-27
257,000 €
ETid-1952
Creditinfo Lánstraust hf.
Finance, Insurance and Consulting
Iceland
2023-07-03
81,000 €
ETid-1940
Heilsuveru
Health Care
Iceland
2021-11-23
51,000 €
ETid-916
Icelandic Ministry of Industry and Innovation
Public Sector and Education
Iceland
2022-05-03
36,000 €
ETid-1154
City of Reykjavík
Public Sector and Education
Iceland
2025-02-17
34,300 €
ETid-2602
Primary Health Care in the Capital Area
Health Care
Iceland
2021-06-15
34,000 €
ETid-740
Huppuís ehf
Employment