The Danish Data Protection Authority (“Authority”) imposed fine of 50.000 DKK on the Danish Recruitment Company JobTeam on the ground that the company did not meet the basic requirements of the General Data Protection Regulation (“GDPR”) that personal data must be processed lawfully, fairly and transparently.

Upon the complaint by the data subject that the company had erased personal data subject to the access request of a data subject during the period after the request was submitted, the Authority became aware of the case.

It is stated that it is also a violation of citizen’s fundamental rights beside violation of the GDPR, where a controller deletes information on the individual directly linked to the failure to meet an access request.

You can read the decision here.

Should you have any queries and/or remarks, please do not hesitate to contact us. 

Kind regards,

Zumbul Attorneys-at-Law