UODO's Investigation against ClickQuickNow Sp. z o. o.

€47,000 in fines

Excerpt

The UODO imposed a fine against a company for preventing data subjects to withdraw consent easily and effectively their consent and to request the erasure of their personal data

Our analysis

The UODO conducted an investigation into ClickQuickNow Sp. z o. o.'s processing operations compliance with GDPR in February 2019. During the investigation, it was revealed that the company did not implement appropriate technical and organizational measures that allowed data subjects to withdraw their consent and request the erasure of their personal data easily and effectively. This resulted in a violation of Articles 5(1)(a), 6(1), 7(3), 12(2), 17(1)(b) and Article 24(1) of the GDPR. Furthermore, the DPA found that the company processed the personal data of non-customers without a legal basis and without providing them with the option to remove their personal data. As a result, the company violated GDPR regulations. In addition to the fine of around €47,000, the DPA ordered ClickQuickNow Sp. z o. o. to rectify its processing practices to comply with GDPR requirements within 14 days. The company was also instructed to delete the personal data of non-customers who had requested their data to be deleted.

Outcome

ClickQuickNow Sp. z o. o., a limited liability company, has been fined approximately €47,000 by the UODO for impeding the exercise of the right to withdraw consent. In addition to the fine, the DPA has instructed the company to conform its processing practices to the GDPR's standards within 14 days and to remove the personal data of non-customers who have requested their data to be deleted.

Parties

UODO and ClickQuickNow Sp. z o. o.

Case number

ZSPU.421.3.201

Related deceptive patterns

Related laws

Legal enforcement database by Leiser, Santos and Doshi

The information about laws and cases on this website is brought to you by the Leiser, Santos and Doshi enforcement database.

About us