Support Centre

You have out of 5 free articles left for the month

Signup for a trial to access unlimited content.

Start Trial

Continue reading on DataGuidance with:

Free Member

Limited Articles

Create an account to continue accessing select articles, resources, and guidance notes.

Free Trial

Unlimited Access

Start your free trial to access unlimited articles, resources, guidance notes, and workspaces.

Spain: AEPD fines Equifax Iberica €75,000 for GDPR violations

The Spanish data protection authority ('AEPD') issued, on 9 June 2020, a resolution ('the Resolution') in proceeding No. PS/00451/2019 against Equifax Iberica, S.L., fining the company €75,000 for violating Article 6(1)(f) of the General Data Protection Regulation (Regulation (EU) 2016/679) ('GDPR'). In particular, the Resolution outlines that an individual complainant requested via email the deletion of their data from the National Association of Financial Credit Institutions' ('ASNEF') file. In addition, the Resolution highlights that Equifax Iberica responded that the exercise of the complainant's right was excessive and did not proceed with the deletion. As a result, the Resolution states that Equifax Iberica's conduct amounted to a violation of Article 6(1)(f) of the GDPR, since the company did not comply with the obligation established under Article 20(1)(c) of Organic Law 3/2018, of 5 December 2018, on the Protection of Personal Data and Guarantee of Digital Rights, which provides for the data to remain blocked for 30 days. 

You can read the Resolution, only available in Spanish, here