C064 CRIF GmbH (Austria)

Credit Scoring
Controller
CRIF GmbH (Austria)
Case status
Pending (12 - 18 months)
Filed: (1 year 5 months ago)

In the course of its procedures against CRIF and also by various data subjects approaching us, we learned that CRIF systematically withholds information when asked for access under Article 15 GDPR. CRIF never provides information on the sources of data they process and only provides information on the data recipients of the last 6 months. Noyb filed a complaint on the violation of Article 12(1),(2) and (3) and Article 15(1)(c) and (g) GDPR with the DSB. We also provided ample evidence that CRIF's conduct willfully and systematically violates the GDPR and suggested to impose a fine.

Protocol
Fecha Summary
11.09.2024
noyb asks DSB for update
14.02.2024
Phone Call with DSB and Email to DSB

There has been no interrogation of a CRIF person yet. Is supposed to take place in February.

23.10.2023
Phone call with DSB

Complaint was received. On 22.09.2023 CRIF has been interrogated, noyb/complainant was not informed of this but will receive protocol of interrogation soon.

30.08.2023
Mostly sources and recipients of data.
20.07.2023
Complaint