Croatia's data protection authority, AZOP, has handed down a 20 million euro fine to a credit institution for violating the EU General Data Protection Regulation. AZOP alleges the institution breached Article 15(3) of the GDPR with its refusal to honor requests of nearly 2,500 clients who sought to access the personal information shared in credit documents held by the institution. Additionally, AZOP found the institution did not take the proper steps to protect the rights and freedoms of the data subjects associated with the violation. (Original post is in Croatian.)
If you want to comment on this post, you need to login.