Polish DPA: Breach of the GDPR provisions by Funeda results in a fine

19 March 2021 Poland

Funeda Sp. z o.o. company breached the provisions of the General Data Protection Regulation (GDPR) by not cooperating with Polish Data Protection Authority in the scope of performing the supervisory authority's tasks. Administrative fine of over PLN 22 000 (EUR 5 000) was imposed on the company.

The lack of cooperation consisted in the fact that the fined company did not provide access to all personal data and information necessary for the Polish DPA to investigate the complaint about irregularities in the processing of the complainant's personal data. As part of the administrative proceedings initiated to investigate the complaint filed, the Office asked the company to respond to the content of the complaint and to answer specific questions regarding the case.

The Polish DPA called the company twice to provide explanations necessary for the examination of the case. Despite receiving the correspondence, the company has not replied to the letters sent to it so far. In connection with the failure to provide information in the case, the Polish DPA initiated the proceedings in the matter to impose an administrative fine. The company, despite being correctly notified by the supervisory authority and instructed on its right to express its opinion on the collected evidence and materials and the submitted requests, also failed to take any action to clarify the matter. It should be mentioned that the Office made repeated attempts to contact the company by phone and e-mail based on the data on its website. The company has not contacted the Office to the date of the decision.

In the opinion of the Polish DPA, the fine imposed is proportionate to the gravity of the breach. The fine will also fulfill a dissuasive function, as it will be a clear signal both to the company and to other entities that letters from the supervisory authority should not be ignored. Disregarding duties related to the cooperation with the supervisory authority, in particular impeding the access to information necessary for the performance of its tasks, constitutes a breach of great importance and as such is subject to financial sanctions.

The full text of the decision is available in Polish here

For further information, please contact the Polish DPA: kancelaria@uodo.gov.pl

 

The press release published here does not constitute official EDPB communication, nor an EDPB endorsement. This press release was originally published by the national supervisory authority and was published here at the request of the SA for information purposes. As the press release is represented here as it appeared on the SA's website or other channels of communication, the news item is only available in English or in the Member State's official language with a short introduction in English. Any questions regarding this press release should be directed to the supervisory authority concerned.