The UODO conducted an investigation into ClickQuickNow Sp. z o. o.'s processing operations compliance with GDPR in February 2019. During the investigation, it was revealed that the company did not implement appropriate technical and organizational measures that allowed data subjects to withdraw their consent and request the erasure of their personal data easily and effectively. This resulted in a violation of Articles 5(1)(a), 6(1), 7(3), 12(2), 17(1)(b) and Article 24(1) of the GDPR. Furthermore, the DPA found that the company processed the personal data of non-customers without a legal basis and without providing them with the option to remove their personal data. As a result, the company violated GDPR regulations. In addition to the fine of around €47,000, the DPA ordered ClickQuickNow Sp. z o. o. to rectify its processing practices to comply with GDPR requirements within 14 days. The company was also instructed to delete the personal data of non-customers who had requested their data to be deleted.