Updated: Apr 14, 2020
On 26 August 2019, the Director of the data state Inspectorate of Latvia (DSI) imposed a monetary penalty of 7000 euros to an online retailer, for non-compliance with GDPR. The fine was due to non-conformity with data subjects rights to erasure and non-cooperation with the supervisory authority.
Read the full press release in Latvian here
The DSI initiated an investigation of the complaint about online retailer for non-compliance with the rights of the data subject. In accordance with GDPR Article 17 – data subject right to obtain from the controller to erase his personal data without undue delay.
Investigating the case DSI established that during 2018 claimant had repeatedly requested the retailer to delete all his PII, which included a phone number. The retailer did not comply with the data subject’s request to erase the data and endured to process the PII in question.
While determining the quantity of the fine the Director of the DSI took into consideration the nature, gravity and period of the infringement, the degree of cooperation with the supervisory authority, the number of data subjects affected, the total annual turnover of the preceding financial year of the retailer (GDPR Article 83(5)(b) and (e)).
The DSI informs that, in accordance with the Latvian Administrative Violations Code Article 288 and 289 the retailer has the right to appeal the choice of the Director of the DSI to the District (city) court within ten working days from the day of receipt of the decision.