HDPA (Greece) - 8/2021: Difference between revisions

From GDPRhub
(Created page with "{{DPAdecisionBOX |Jurisdiction=Greece |DPA-BG-Color=background-color:#ffffff; |DPAlogo=LogoGR.jpg |DPA_Abbrevation=HDPA |DPA_With_Country=HDPA (Greece) |Case_Number_Name=901...")
 
 
(8 intermediate revisions by 3 users not shown)
Line 7: Line 7:
|DPA_With_Country=HDPA (Greece)
|DPA_With_Country=HDPA (Greece)


|Case_Number_Name=901
|Case_Number_Name=8
|ECLI=
|ECLI=


Line 31: Line 31:




|National_Law_Name_1=11 (3) 3471/2006
|National_Law_Name_1=
|National_Law_Link_1=
|National_Law_Link_1=Article 11(3) 3471/2006


|Party_Name_1=
|Party_Name_1=
Line 54: Line 54:
}}
}}


The Greek DPA held that a 2000€ fine should be imposed to a candidate of the municipal elections for illegal processing of personal data for the purpose of political communication via emails.  
The Greek DPA fined a political candidate €2000 for processing personal data for the purpose of political communication via email without the data subject's consent.


== English Summary ==
== English Summary ==


=== Facts ===
=== Facts ===
The complainant received an SMS from the political candidate which was promoting the candidate’s participation at the municipal elections without having granted a consent to do so. The political candidate, wasn’t able to provide proofs that the complainant and other data subjects gave their consent for the processing.  
The complainant received an SMS from the political candidate which was promoting the candidate’s participation at the municipal elections without having granted a consent to do so. The political candidate, wasn’t able to provide proof that the complainant and other data subjects gave their consent for the processing.  


=== Dispute ===
=== Dispute ===

Latest revision as of 08:44, 23 November 2021

HDPA - 8
LogoGR.jpg
Authority: HDPA (Greece)
Jurisdiction: Greece
Relevant Law: Article 4(7) GDPR
Type: Complaint
Outcome: Upheld
Started:
Decided: 02.12.2020
Published: 16.04.2021
Fine: 2000
Parties: n/a
National Case Number/Name: 8
European Case Law Identifier: n/a
Appeal: n/a
Original Language(s): Greek
Greek
Original Source: Αρχή Προστασίας Προσωπικών Δεδομένων (in EL)
Αρχή Προστασίας Προσωπικών Δεδομένων (in EL)
Initial Contributor: n/a

The Greek DPA fined a political candidate €2000 for processing personal data for the purpose of political communication via email without the data subject's consent.

English Summary

Facts

The complainant received an SMS from the political candidate which was promoting the candidate’s participation at the municipal elections without having granted a consent to do so. The political candidate, wasn’t able to provide proof that the complainant and other data subjects gave their consent for the processing.

Dispute

Was the political communication legal under article 4 GDPR?

Holding

The DPA held that in the light of Article 4 GDPR, Article 13 of the national law 3471/2006 and Article 11 of the national law 3471/2006, the political communication for the purposes of the promotion of the candidate’s political campaign, can be considered legal only after the granting of explicit consent. Political communication without consent is possible only if the data subject has been given his personal details and was informed that the details will be used for the purposes of the political communication. Moreover the data subject should be able to withdraw and refuse this processing.

For this reason the DPA fined the candidate for unlawful processing of data by a 2000€ fine.


Comment

Share your comments here!

Further Resources

Share blogs or news articles here!

English Machine Translation of the Decision

The decision below is a machine translation of the Greek original. Please refer to the Greek original for more details.