C037-10028 MTCH Technology Services Limited

cookie banner
Case project
MTCH Technology Services Limited
Case status
Withdrawn (Complied)
Filed: Closed: (1 year 2 months)

One of the series of complaints on deceptive cookie banners.

Date Summary
noyb withdrew the complaint

All the violations are remedied

DPC forwarded a letter from MTCH Technology Ltd
DPC to confirm timetable for cookie complaints
noyb response to the DPC

noyb responded to the DPC that they excluded one case from their list of complaints and requested that all complaints be covered. Regarding one specific complaint noyb stated that there was no withdrawel because the controller did not change their website in the past - however they did do so now. The complaint against the controller of benjerry.ie can therefore now be withdrawn. noyb also stated that complaints can be withdrawn amicably and requested a clear timeline by 19th August 2022.

DPC confirmed they will start the investigation of 17 complaints

They are asking us if we are still happy to resolve cases amicably. They also took out silently one case from the list (Twitter MoPub)

DPC one line answer they will respond in the coming days
noyb response to the DPC

noyb responded that the DPC is competent to investigate the cases under the GDPR and that it does not make sense to forward them to the telecoms authorities abroad. noyb provided evidence that personal data was processed when submitting complaints. noyb proposed the DPC investigates only the "GDPR part" of the complaints - if else is impossible.

Alternatively, noyb requested that the DPC either formally rejects the complaints or provides a detailed timeframe to reach a decision by end of 2022. Deadline 5 August.

DPC letter insisting they are not competent to investigate

DPC responded that they want the ePrivacy authorities to investigate the complaints first in order for the DPC to start their own investigation under the GDPR.
The own volition procedure would investigate the banners themselves (in particularly the presence of the 'reject' button).

DPC one line answer they will respond in the coming days
noyb response to the DPC

noyb responded that that (1) this does not make sense under Irish ePrivacy law and (2) the complaint is brought also under GDPR and their own ePrivacy guidance says that if there is personal data in cookie, GDPR applies too. We told them to get back by 19 July.

DPC say they may not be competent

DPC wrote that their assessment suggests that the DPC may not be the competent authority to carry out investigations under Regulation 17 of S.I. No. 336 of 2011 because the complainant's device was outside of Ireland at the time of the violation.

DPC information

DPC wrote 'The purpose of this letter is to inform you that the DPC is still DPC is still considering these complaints and the appropriate legislative framework under which to deal with them.'

noyb asked to indicate a specific deadline

noyb asked to indicate a specific date when the next update can be expected and when we can get access to the submissions - if any were made

DPC acknowledged receipt of the complaint and is assessing it
Complaint filed