Belgium
Isabel SA
120,000 €
GDPR enforcement action by Belgian Data Protection Authority (APD) on 2026-05-12.
Rank · Sector
#83
of 321 in Finance, Insurance and Consulting
Rank · Belgium
#6
of 50
Rank · All fines
#441
of 3,039
Case details
- Authority
- Belgian Data Protection Authority (APD)
- Date
- 2026-05-12
- Controller / Processor
- Isabel SA
- Sector
- Finance, Insurance and Consulting
- Quoted Articles
- Art. 5 (1) a), c) GDPR, Art. 12 (1) GDPR, Art. 13 GDPR, Art. 15 (1) GDPR, Art. 25 (2) GDPR
- Type of violation
- Insufficient fulfilment of data subjects rights
Summary
The Belgian DPA has imposed a fine of EUR 120,000 on Isabel SA. The controller, who operates the 'TruliUs' authentication application, failed to provide data subjects with correct privacy information due to the fact that the data collected did not match that described in the privacy information. Additionally, the controller collected excessive amounts of data that were not necessary for processing purposes, and failed to adequately respond to a data subject's request to exercise their rights. Lastly, the controller misclassified itself as a processor.
Open original source
Links to the regulator's original publication or another source.
Related fines
Belgium
2020-07-14
600,000 €
ETid-344
Google Belgium SA
Media, Telecoms and Broadcasting
Belgium
2022-04-04
200,000 €
ETid-1116
Brussels Airport Zaventem
Transportation and Energy
Belgium
2024-12-17
200,000 €
ETid-2521
Hospital
Health Care
Belgium
2026-05-12
177,000 €
ETid-3172
Technology Company
Employment
Belgium
2024-01-16
174,640 €
ETid-2225
Black Tiger Belgium
Industry and Commerce
Belgium
2021-04-26
100,000 €
ETid-664
Financial company
Finance, Insurance and Consulting