Private company

€220K($237K USD)final

Date Issued

2019-03-26

Regulation

GDPR

Authority

Polish National Personal Data Protection Office (UODO)

Country

Poland

Violation Type

Information obligation non-compliance

Currency

EUR

Violation Summary

The private company was fined for having breached the information obligation in the case of personal data of several entrepreneurs. The data was taken from public sources (Central Electronic Register and Information on Economic Activity) and used for commercial purposes. In accordance with Art. 14(1) – (3) of the GDPR, the company was obligated to inform all the individuals concerned about the data processing. However, the company informed only those individuals for whom it had email addresses. For the rest, the high operational costs made them ignore the information obligation.

Articles Violated

Art. 14 GDPR

View Source Document →

Related Headlines

Poland fines ING Bank Śląski 18.4m zloty over data privacy violations - Notes From Poland

Notes From Poland · 8/27/2025

Data Minimization to Avoid Over-Retention of Personal Information | Practical Law The Journal - Reuters

Reuters · 4/1/2025

Employee Data: 5 Ways to Tighten Security to Shore Up Trust - WSJ

WSJ · 6/11/2024

Data Privacy and Cybersecurity: 2023 Trends and Developments - Reuters

Reuters · 2/1/2024

AI Can Ease GDPR Burden - WSJ

WSJ · 6/3/2018

Other Fines for Private company

Date	Regulation	Amount (USD)	Type
2019-03-26	GDPR	$237,101	Information obligation non-compliance