Fines, GDPR

Hotel group fined approx 148,000 euros for failing to delete over 500,000 customer profiles

Published:

Last updated:

Copenhagen Street Scene Canal
Home » Articles » Hotel group fined approx 148,000 euros for failing to delete over 500,000 customer profiles

If you have old contacts sitting around in your CRM or email marketing software, now is the time to delete them. Because recent cases tell us, regulators are paying increasing attention to GDPR’s requirement to only keep data for as long as you need it.

On the 27th of August 2020, Danish data protection authority Datatilsynet published that they intend to fine hotel chain Arp-Hansen Hotel Group DKK 1.1 million (approx 148,000 euros) for failing to delete customer profiles in accordance with their own data policy. The Arp-Hansen Hotel Group operates 12 high-end hotels in Copenhagen and Aarhus

The ruling is based after a 2018 audit by the data authority. Datatilsynet reported that over 500,000 profiles which should have been deleted remained on their systems.

“In a society where our personal data is increasingly being registered and exploited, it is crucial that we as citizens can have confidence that our personal data is processed for objective purposes and that it is only stored for as long as is necessary,” Datatilsynet Office Manager Frederik Viksøe Siegumfeldt said.

The original disclosure, in Danish is available to read here.

Author

  • Scott Dooley

    Scott Dooley is a seasoned entrepreneur and data protection expert with over 15 years of experience in the tech industry. As the founder of Measured Collective and Kahunam, Scott has dedicated his career to helping businesses navigate the complex landscape of data privacy and GDPR compliance. With a background in marketing and web development, Scott brings a unique perspective to data protection issues, understanding both the technical and business implications of privacy regulations. His expertise spans from cookie compliance to implementing privacy-by-design principles in software development. Scott is passionate about demystifying GDPR and making data protection accessible to businesses of all sizes. Through his blog, he shares practical insights, best practices, and the latest developments in data privacy law, helping readers stay informed and compliant in an ever-changing regulatory environment.

    View all posts

Popular posts on Measured Collective

  1. ICO Fine Cathay Pacific £500,000 for failing to protect customers’ data
  2. Can an individual get a GDPR fine?
  3. GDPR & Google Workspace: How to stay compliant with GDPR
  4. Europe data privacy decisions round-up August 2021
  5. Spanish Data Authority (AEPD) fines e-commerce website €3,000 for unlawful cookie practices

Now Available to Start Immediately:

GDPR Online Training Course

There's no time like now, to give your team the training they need.

Article: Do I need ongoing GDPR training?

New to the site

Measured Collective Logo in White on Transparent