Data Risk Intelligence
Automated Data Mapping
Do Not Sell/Do Not Share
Cookie Banner Solutions
Consent & Preferences
Data Rights RequestsDutch DPA Fines a Non-EU Website €525,000 for Failure to Comply with the GDPR
The Dutch Data Protection Authority has imposed a €525,000 fine on a non-EU website for failure to appoint a Data Protection Representative as required by Article 27 of the GDPR.
Locatefamily.com is a website where people can find contact details of their lost relatives or of people they would like to get in touch with. It contends that it is not located in the European Union and purports to have no business relationships in the EU. The platform contains personal data, including addresses and phone numbers, of individuals from all over the world, including from the EU. About 700,000 Dutch are listed on the website. The individuals are not required to register on the website for their data to appear there and might not even be aware that the website is listing their data.
Organizations located outside of the European Union might be subject to the GDPR if they offer goods and services to individuals in the EU or are monitoring their behavior. Article 27 of the GDPR requires such organizations to appoint a Data Protection Representative established in one of the Member States where the data subjects, whose personal data are processed or whose behavior is monitored by the organization, are located. The DPR serves as the designated contact person for the supervisory authorities and data subjects on all issues related to data processing for the purposes of ensuring compliance with the GDPR.
In addition to imposing the €525,000 fine, the DPA will impose a €20,000 fine for every two weeks that the company fails to appoint a DPR after the designated date.
The decision by the Dutch Data Protection Authority continues the trend of the European regulators fining non-EU online companies for failure to comply with the GDPR. Just recently, the Norwegian Data Protection Authority disclosed that it plans to issue a €2.5 million fine against a U.S.-based online public comment sharing platform for not complying with the GDPR requirements of accountability, lawfulness, and transparency.
Take a tour of Clarip’s patented data privacy technology and learn how Clarip can help your enterprise comply with emerging data subject rights regulations. Call Clarip today at 1-888-252-5653 or schedule a Demo Online!
