D.A.A.A. (Claimant) v. Group BC S.L.

Warning issued

Excerpt

The AEPD warned a website for failure to provide precise information about the data processing in its privacy policy.

Our analysis

A citizen filed a complaint with the AEPD regarding the privacy policy of www.banderacatalana.cat, which was controlled by GRUP BC S.L. The complainant claimed that the policy did not comply with GDPR standards, specifically citing the lack of precise information regarding the purposes of processing, consent, and child consent as a legal basis for processing. Upon investigation, the AEPD confirmed that GRUP BC S.L had indeed violated Articles 13(1), 6(1)(a), and 8 of the GDPR. The AEPD found that the webpage's privacy policy did not provide sufficient information about the specific purposes of processing personal data and did not include proper provisions for obtaining consent or child consent as a legal basis for processing. Consequently, the AEPD issued a warning to the company for its non-compliance with GDPR standards.

Outcome

The GDPR violations by GRUP BC S.L were confirmed by the AEPD, who found that the webpage's privacy policy lacked the necessary precision required under Article 13(1), 6(1)(a), and 8 of the GDPR. As a result, the AEPD issued a warning to the company.

Parties

D.A.A.A. (Claimant) and Group BC S.L.

Case number

PS/00006/2019

Related deceptive patterns

Related laws

Legal enforcement database by Leiser, Santos and Doshi

The information about laws and cases on this website is brought to you by the Leiser, Santos and Doshi enforcement database.

About us