C037-10319 Ulster Bank Ireland DAC
Case projectCookie Banners
ControllerUlster Bank Ireland DAC
Case statusPending (2 - 3 years)
One of the series of complaints on deceptive cookie banners.
DPC non amicable resolution letter
The DPC tried to resolve the case amicably but we disagreed because some violations were outstanding. Accordingly, the DPC will now proceed in accordance with the provisions of section 109(4) of the Act.
DPC sends full answer
DPC provides the full answer of the respondent
noyb response to maintain complaint
noyb sends a letter answering that only violation type B has been remedied, type A & K are remaining, therefore no amicable settlement possible
DPC sends response from controller and asks if matter clarified
Response from controller is that having no reject button is in line with the GDPR and that they identified the data subject.
DPC oneliner they will respond in the coming days
noyb response to the DPC
noyb responded that that (1) this does not make sense under Irish ePrivacy law and (2) the complaint is brought also under GDPR and their own ePrivacy guidance says that if there is personal data in cookie, GDPR applies too. We told them to get back by 19 July.
DPC letter they may not be competent
DPC wrote that their assessment suggests that the DPC may not be the competent authority to carry out investigations under Regulation 17 of S.I. No. 336 of 2011 because the complainant's device was outside of Ireland at the time of the violation.
DPC wrote 'The purpose of this letter is to inform you that the DPC is still considering these complaints and the appropriate legislative framework under which to deal with them.'
noyb asked to indicate a specific date when the next upate can be expected
noyb asked to indicate a specific date when the next update can be expected and when we can get access to the submissions - if any were made
DPC acknowledged receipt of the complaint and is assessing it