Recital 10 GDPR

On June 8, 2020, the Belgian Supervisory Authority (“SA”) fined a (then ex-) politician €5,000 for sending political marketing materials without an appropriate legal basis.  Although the fine was not massive, the case is interesting for another reason: the complaint was brought not by the individuals who received the marketing materials, but by their employer.

According to the SA, the politician exploited the employee list of a local Commune to identify recipients to whom the marketing materials would be sent.  It is not clear how the politician obtained the list.  When the Commune discovered that the list had been leaked, it notified a security breach to the SA and, at the same time, lodged a complaint against the politician.Continue Reading Belgian SA Decision on Lodging GDPR Complaints