Details:
| Summary | The Spanish DPA (AEPD) imposed a fine of EUR 15,000 on a homeowners’ association. The controller had publicly displayed the record of a homeowners’ meeting in the elevator of the building where the participants lived. From the records, the names, floors and apartment numbers of the meeting participants could be obtained, as well as the floors and apartment numbers of neighbors about whom the participants had complained during the meeting. The controller had justified the public notice with the fact that the results of this meeting concerned planned legal actions against some of the residential parties. They were to be informed about this so that they would not be able to claim later that they had not received the relevant notifications. The DPA considers this to be a violation of Art. 5 (1) f) GDPR, which refers to the principles of integrity and confidentiality of personal data. |
| Link: | link |
| Related articles: | Art. 5 (1) f) GDPR |
| Type: | Non-compliance with general data processing principles |
| Fine: | EUR 15,000 |
| Sector | Real Estate |
All data is based on The CMS’s Law GDPR Enforcement Tracker Source: https://www.enforcementtracker.com/